CVE-2016-6245

Name of the Vulnerable Software and Affected Versions OpenBSD versions 5.8 through 5.9

Description The issue is related to errors in the code of the OpenBSD operating system. It can be exploited by a local attacker to cause a denial of service, resulting in a kernel panic, by using a large size in a getdents system call.

Recommendations For OpenBSD versions 5.8 and 5.9, consider restricting the use of the getdents system call to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the size of the system call to prevent a kernel panic. At the moment, there is no information about a newer version that contains a fix for this vulnerability.