CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-11149

OpenBSD 7.4 prior to errata 014 contains a vulnerability in vmm(4) where the GDTR limits were not properly restored on Intel (VMX) CPUs. The issue affects the vmm subsystem, specifically the GDTR handling in the virtual machine monitor, leading to potential misbehavior on affected Intel VMX hosts...

CVE-2024-11148

In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd8 is vulnerable to a NULL dereference when handling a malformed fastcgi request...

CVE-2024-11148 OpenBSD httpd(8) null dereference

In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd8 is vulnerable to a NULL dereference when handling a malformed fastcgi request...

CVE-2024-10934

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server...

CVE-2024-10934

CVE-2024-10934 affects OpenBSD NFS components (client and server) on OpenBSD 7.4 before errata 021 and 7.5 before errata 008, due to a mbuf double-free and use of an uninitialized variable in NFS server error handling. The vulnerability is tied to the same CVE entry across multiple feeds; patches...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-43688

CVE-2024-43688 affects cron/entry.c in vixie cron prior to 9cc8ab1, as used in OpenBSD 7.4 and 7.5. The issue is a heap-based buffer underflow leading to memory corruption, introduced during a May 2023 refactoring. Affected products include vixie cron and OpenBSD releases 7.4/7.5; impact is memor...

CVE-2023-52556

In OpenBSD 7.4 before errata 009, a race condition between pf4's processing of packets and expiration of packet states may cause a kernel panic...

Race condition

In OpenBSD 7.4 before errata 009, a race condition between pf4's processing of packets and expiration of packet states may cause a kernel panic...

CVE-2023-52558 OpenBSD 7.4 and 7.3 m_split() network buffer kernel crash

In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences...

PT-2024-14626 · Openbsd · Openbsd

Name of the Vulnerable Software and Affected Versions: OpenBSD version 7.4 before errata 009 Description: A race condition exists between pf4's processing of packets and expiration of packet states, which may cause a kernel panic. Recommendations: For OpenBSD version 7.4 before errata 009, apply...