CVE-2016-6243

Name of the Vulnerable Software and Affected Versions OpenBSD versions 5.8 through 5.9

Description The issue is related to insufficient input validation in the thrsleep function in kern/kern synch.c. This allows a local user to cause a denial of service, specifically a kernel panic, by providing a crafted value in the tsp parameter of the thrsleep system call.

Recommendations For OpenBSD versions 5.8 and 5.9, consider restricting access to the thrsleep system call until a patch is available. As a temporary workaround, avoid using the tsp parameter in the thrsleep system call to minimize the risk of exploitation.