BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: July 25th, 2019 (tcpsack)

Errata patches for the kernel have been released for OpenBSD 6.4 and 6.5.

By creating long chains of TCP SACK holes, an attacker could possibly
slow down the system temporarily.

Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata page:

  https://www.openbsd.org/errata64.html
  https://www.openbsd.org/errata65.html

As these affect the kernel, a reboot will be needed after patching.