CVE-2024-10934

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.

Published: Nov 15, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-10934
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

Affected Software
References

Software	From	Fixed in
openbsd / openbsd	-	7.4
openbsd / openbsd	7.4	7.4.x
openbsd / openbsd	7.4-errata_001	7.4-errata_001.x
openbsd / openbsd	7.4-errata_002	7.4-errata_002.x
openbsd / openbsd	7.4-errata_003	7.4-errata_003.x
openbsd / openbsd	7.4-errata_004	7.4-errata_004.x
openbsd / openbsd	7.4-errata_005	7.4-errata_005.x
openbsd / openbsd	7.4-errata_006	7.4-errata_006.x
openbsd / openbsd	7.4-errata_007	7.4-errata_007.x
openbsd / openbsd	7.4-errata_008	7.4-errata_008.x
openbsd / openbsd	7.4-errata_009	7.4-errata_009.x
openbsd / openbsd	7.4-errata_010	7.4-errata_010.x
openbsd / openbsd	7.4-errata_011	7.4-errata_011.x
openbsd / openbsd	7.4-errata_012	7.4-errata_012.x
openbsd / openbsd	7.4-errata_013	7.4-errata_013.x
openbsd / openbsd	7.4-errata_014	7.4-errata_014.x
openbsd / openbsd	7.4-errata_015	7.4-errata_015.x
openbsd / openbsd	7.4-errata_016	7.4-errata_016.x
openbsd / openbsd	7.4-errata_017	7.4-errata_017.x
openbsd / openbsd	7.4-errata_018	7.4-errata_018.x
openbsd / openbsd	7.4-errata_019	7.4-errata_019.x
openbsd / openbsd	7.4-errata_020	7.4-errata_020.x
openbsd / openbsd	7.5	7.5.x
openbsd / openbsd	7.5-errata_001	7.5-errata_001.x
openbsd / openbsd	7.5-errata_002	7.5-errata_002.x
openbsd / openbsd	7.5-errata_003	7.5-errata_003.x
openbsd / openbsd	7.5-errata_004	7.5-errata_004.x
openbsd / openbsd	7.5-errata_005	7.5-errata_005.x
openbsd / openbsd	7.5-errata_006	7.5-errata_006.x
openbsd / openbsd	7.5-errata_007	7.5-errata_007.x

Vulnerability Database

309,961

CVE-2024-10934

Deep Security Visibility Without the Complexity