Contributed by jose on from the patch--p0 dept.
"I'm sure everybody checks errata once a day or more, anyway there's a new patch from http://www.openbsd.org/errata.html . Quoting:Looking at the patch, it looks like another bounds checking problem. Simple fix, directions in the patch.# 015: SECURITY FIX: October 2, 2002 Incorrect argument checking in the setitimer(2) system call may allow an attacker to write to kernel memory.A source code ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/015_kerntime.patch exists which remedies the problem."
(Comments are closed)