OpenBSD Operating System

639 readers

1 users here now

useful resources:

https://www.openbsd.org/
https://undeadly.org/cgi?action=front

Developer blogs:

https://jcs.org/
https://reykfloeter.com/
https://www.tedunangst.com/
https://poolp.org/

Ressources:

https://si3t.ch/ah/en/

founded 5 years ago

MODERATORS

[email protected]

Heap Overflow in OpenBSD's slaacd via Router Advertisement (blog.quarkslab.com)

submitted 3 years ago by [email protected] to c/[email protected]

0 comments fedilink hide all child comments

In this blog post we analyze a heap overflow vulnerability we discovered in the IPv6 stack of OpenBSD, more specifically in its slaacd daemon. This issue, whose root cause can be found in the mishandling of Router Advertisement messages containing a DNSSL option with a malformed domain label, was patched by OpenBSD on March 21, 2022. A proof-of-concept to reproduce the vulnerability is provided.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here