Description
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.
CVSS Metrics
- Vector
- CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X
- Attack Vector
- network
- Complexity
- low
- Privileges
- none
- User Action
- none
- Confidentiality
- undefined
- Integrity
- undefined
- Availability
- undefined
- Weaknesses
- CWE-415CWE-457
Metadata
- Primary Vendor
- OPENBSD
- Published
- 11/15/2024
- Last Modified
- 10/2/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
openbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsdopenbsd : openbsd
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.