OpenBSD Systrace STRIOCREPLACE Local Integer Overflow Vulnerability

info
discussion
exploit
solution
references

OpenBSD Systrace STRIOCREPLACE Local Integer Overflow Vulnerability

OpenBSD systrace is prone to a local integer-overflow vulnerability.

An attacker can exploit this vulnerability to execute arbitrary code with elevated privileges. A successful exploit could lead to a complete compromise of affected computers.

OpenBSD 3.8 and 3.9 are reported vulnerable; other BSD variants such as NetBSD and FreeBSD may be affected as well.