BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: May 8th, 2018 (ipseclen)

8 May, 2018 by tj@openbsd.org | openbsd 

Errata patches for IPsec have been released for OpenBSD 6.3 and 6.2.

Incorrect handling of fragmented IPsec packets could result in a system crash.

Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the respective
errata pages:

  https://www.openbsd.org/errata62.html
  https://www.openbsd.org/errata63.html

As these affect the kernel, a reboot will be needed after patching.