CVE-2005-4782

Name of the Vulnerable Software and Affected Versions NetBSD versions 2.0 through 2.0.3 NetBSD versions 2.1 through 2.1.0 NetBSD version 3

Description The issue allows local users to cause a denial of service, resulting in a kernel assertion panic. This can be achieved by setting a negative linger time in the SO LINGER socket option when the kernel is compiled with the "options DIAGNOSTIC" setting.

Recommendations For NetBSD versions 2.0 through 2.0.3, update to version 2.0.4 or later. For NetBSD versions 2.1 through 2.1.0, update to version 2.1.1 or later. For NetBSD version 3, consider disabling the "options DIAGNOSTIC" setting until a patch is available. As a temporary workaround, avoid using negative linger times in the SO LINGER socket option.