CVE-2016-6240

Name of the Vulnerable Software and Affected Versions OpenBSD versions 5.8 through 5.9

Description The issue is related to an integer truncation error in the amap alloc function, which can be exploited by local users to execute arbitrary code with kernel privileges. This can be achieved by providing a large size value. The error is associated with improper handling of numbers.

Recommendations For OpenBSD versions 5.8 and 5.9, consider restricting access to the amap alloc function until a patch is available. As a temporary workaround, avoid using large size values in the amap alloc function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.