CVE-2006-5218

Name of the Vulnerable Software and Affected Versions OpenBSD version 3.9 NetBSD version 3

Description The issue is related to an integer overflow in the systrace preprepl function, specifically with the STRIOCREPLACE ioctl. This can be exploited by local users to cause a denial of service, potentially gain privileges, or read arbitrary kernel memory by providing large numeric arguments to the systrace ioctl.

Recommendations For OpenBSD version 3.9, update to a version that includes a fix for the integer overflow in the systrace preprepl function. For NetBSD version 3, update to a version that includes a fix for the integer overflow in the systrace preprepl function.