BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD errata, Mar 20, 2017

23 March, 2017 by Todd.Miller@courtesan.com | openbsd 

ELF auxiliary vector storage leaks piece of kernel stack.

A potential information leak exists in the OpenBSD kernel which
could result in data from the kernel stack being leaked to userland
via the ELF auxiliary vector.

The problem has been fixed in -current. For 5.9 and 6.0 the following
errata patches are available.

https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/020_exec_elf.patch.sig

https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/037_exec_elf.patch.sig