NFS Client and Server Vulnerability in OpenBSD Products

CVE-2024-10934

Summary

A vulnerability exists within the NFS client and server implementations of OpenBSD versions prior to specific errata updates. This issue potentially allows for a double free of mbuf structures, which can lead to unexpected behavior or crashes. Moreover, the use of uninitialized variables in error handling further exacerbates the stability and security concerns of the NFS server. Users are advised to apply the relevant errata patches to mitigate these risks effectively.

References