High severity7.3NVD Advisory· Published Aug 20, 2024· Updated Apr 15, 2026

CVE-2024-43688

Description

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring.

Patches

9cc8ab1087bb

https://github.com/vixie/cronvia osv

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/vixie/cron/commit/9cc8ab1087bb9ab861dd5595c41200683c9f6712nvd
www.supernetworks.org/CVE-2024-43688/openbsd-cron-heap-underflow.txtnvd
www.supernetworks.org/advisories/CVE-2024-43688-openbsd-cron-heap-underflow.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000