BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: May 3rd, 2019 (rip6cksum)

Errata patches for the kernel have been released for OpenBSD 6.3, 6.4,
and 6.5.

If a userland program sets the IPv6 checksum offset on a raw socket,
an incoming packet could crash the kernel. ospf6d is such a program.

Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata page:

  https://www.openbsd.org/errata63.html
  https://www.openbsd.org/errata64.html
  https://www.openbsd.org/errata65.html

As these affect the kernel, a reboot will be needed after patching.
Note that this is the last erratum for OpenBSD 6.3.