OpenBSD Journal

Patch 007: sysctl

Contributed by jose on from the invalid-arguments dept.

The OpenBSD team has released Patch 007 for all architectures using the 3.4 release. As described on the errata entry , "It is possible for a local user to cause a crash via sysctl(3) with certain arguments." This is a local denial of service which is remedied by this patch.

For OpenBSD-3.3, Patch 012 has been released to address this issue.

(Comments are closed)


Comments
  1. By Wouter () on

    Is this the same problem which is described here for netbsd?

    Comments
    1. By gwyllion () on

      I don't think so. The NetBSD problems were located in sys/kern/kern_sysctl.c while patch 007 makes some changes to sys/uvm/uvm_glue.c

      Code to crash OpenBSD using this bug was sent to the full-disclosure mailing list in a fake email .

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]