BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: September 2nd, 2019 (frag6ecn)

1 September, 2019 by tj@openbsd.org | openbsd 

Errata patches for the kernel have been released for OpenBSD 6.4 and 6.5.

When processing ECN bits on incoming IPv6 fragments, the kernel could crash.
Per default pf fragment reassemble prevents the crash. 

Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata page:

  https://www.openbsd.org/errata64.html
  https://www.openbsd.org/errata65.html

As these affect the kernel, a reboot will be needed after patching.