OpenBSD Information for VU#986425

OpenBSD IPv6 kernel buffer overflow vulnerability

Status

Affected

Vendor Statement

A second revision of the patch fixing incorrect mbuf handling for ICMP6
packets has been created.

It will be available via ftp soon from the URLs given below.
The fix has also been applied to the OpenBSD 3.9 and 4.0 stable branches
in cvs, please see
http://www.openbsd.org/stable.html for details.

Please make sure you get the second revision of the patch, as noted in
the patch files.

OpenBSD 3.9: errata 020
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/020_m_dup1.patch

OpenBSD 4.0: errata 010
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/010_m_dup1.patch

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

If you have feedback, comments, or additional information about this vulnerability, please send us email.