info
discussion
exploit
solution
references
OpenBSD setitimer(2) Kernel Memory Overwrite Vulnerability
Solution:
OpenBSD has made available source code patches for OpenBSD 3.1 and 3.0.
OpenBSD OpenBSD 3.0
OpenBSD 032_kerntime.patch
Apply by doing: cd /usr/src patch -p0 < 032_kerntime.patchAnd then rebuild your kernel.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/032_kerntime.patc h
OpenBSD OpenBSD 3.1
OpenBSD 015_kerntime.patch
Apply by doing: cd /usr/src patch -p0 < 015_kerntime.patchAnd then rebuild your kernel.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/015_kerntime.patc h
Privacy Statement
Copyright 2010, SecurityFocus
