OpenBSD 7.4 Errata 012

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:o:openbsd:openbsd:7.4:errata_012:*:*:*:*:*:*

part: o version: 7.4 update: errata_012

VendorOpenbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5)
ProductOpenbsd (53340739-b0b7-5bcf-88ee-45d5aaf96683)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/openbsd/src purl2cpe 2026-06-01 10:17:38.225571
pkg:openbsd/openbsd purl2cpe 2026-06-01 10:17:38.225573

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-11149 vulnerable 2026-06-08 06:23:48.945729 OpenBSD vmm GDTR limits
HIGH (7.9)
In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
Published: 2024-12-06T01:56:12.697Z
Updated: 2024-12-06T16:41:55.500Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-10934 vulnerable 2026-06-08 06:23:48.206503 OpenBSD NFS double-free vulnerability
CRITICAL (9.8)
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.
Published: 2024-11-15T19:20:02.231Z
Updated: 2025-10-02T14:09:00.828Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-10933 vulnerable 2026-06-08 06:23:48.181599 OpenBSD readdir directory traversal
MEDIUM (5)
In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022, exclude any '/' in readdir name validation to avoid unexpected directory traversal on untrusted file systems.
Published: 2024-12-05T20:06:23.001Z
Updated: 2024-12-05T20:40:58.356Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.