OpenBSD errata, Mar 20, 2017

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

OpenBSD errata, Mar 20, 2017

Todd C. Miller
ELF auxiliary vector storage leaks piece of kernel stack.

A potential information leak exists in the OpenBSD kernel which
could result in data from the kernel stack being leaked to userland
via the ELF auxiliary vector.

The problem has been fixed in -current. For 5.9 and 6.0 the following
errata patches are available.

https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/020_exec_elf.patch.sig

https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/037_exec_elf.patch.sig