CVE-2024-10933 Information

Dec 07, 2024 cve

Description

In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022 exclude any ‘/’ in readdir name validation to avoid unexpected directory traversal on untrusted file systems.

Reference

https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/022_readdir.patch.sig url https://ftp.openbsd.org/pub/OpenBSD/patches/7.5/common/009_readdir.patch.sig url

Share on: