Contributed by jose on from the patch--p0-<-file.patch dept.
An insufficient boundary check in the select(2) system calls allows an attacker to overwrite kernel memory and execute arbitrary code in kernel context.The patch has been rolled into 3.1-stable, is also available as patch 31 for OpenBSD-3.0 users. Directions on how to apply the patch are in the patchfile itself.
Update Looks like poll(2) is not affected, and Niels Provos has posted a security advisory about this , as well.
(Comments are closed)