OpenBSD IBCS2 Binary Length Parameter Kernel-Based Buffer Overrun Vulnerability

OpenBSD IBCS2 Binary Length Parameter Kernel-Based Buffer Overrun Vulnerability

Solution:
The vendor has addressed this issue via CVS. The patched source file can be obtained through the following link:

http://www.openbsd.org/cgi-bin/cvsweb/src/sys/compat/ibcs2/ibcs2_exec.c.diff?r1=1.14.6.1&r2=1.14.6.2

Patches have also been made available.

OpenBSD OpenBSD 3.3

OpenBSD 011_ibcs2.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/i386/011_ibcs2.patch

OpenBSD OpenBSD 3.4

OpenBSD 006_ibcs2.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/i386/006_ibcs2.patch