deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: May 22nd, 2017 (icmp_opts)

Errata patches for icmp_opts have been released for OpenBSD 6.1 and 6.0.

The kernel could leak memory when processing ICMP packets with IP options.

Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:

As this affects the kernel, a reboot will be needed after patching.

If pf is enabled and none of your rules specify the allow-opts parameter,
this issue does not affect you.