Security researchers have discovered a critical flaw in the OpenBSD kernel.

The rare vulnerability - only the second severe kernel bug in the history of the development of OpenBSD - involves a flaw in OpenBSD's IPv6 stack that potentially lends itself to remote exploitation by hackers. Fortunately, source code patches are available for OpenBSD 3.9 and 4.0.

Applying the patches involves recompiling the kernel and rebooting affected machines. If applying these updates isn't immediately convenient, workarounds involve disabling IPv6 traffic (as explained here).

Credit for discovering the flaw goes to security researchers at Core Security, whose well-documented advisory, which includes proof of concept code, can be found here). ®

Related stories

• OpenBSD 5.0 reveals MAD-themed release (1 November 2011)

  https://www.theregister.com/2011/11/01/openbsd_5_mad_themed_release/

• FreeBSD bug grants local root access (14 September 2009)

  https://www.theregister.com/2009/09/14/freebsd_security_bug/

• OpenBSD 4.5 light cycles into the wild (1 May 2009)

  https://www.theregister.com/2009/05/01/openbsd_4point5_release/

• Experts scramble to quash IPv6 flaw (11 May 2007)

  https://www.theregister.com/2007/05/11/ipv6_flaw_scramble/

• Security, privacy and DRM: My wishes for 2007 (13 January 2007)

  https://www.theregister.com/2007/01/13/security_wishes/

• How not to respond to a security advisory (19 January 2006)

  https://www.theregister.com/2006/01/19/securelevel_bsd_unix/

• Open-source projects get free checkup by automated tools (29 June 2005)

  https://www.theregister.com/2005/06/29/coverity_analyses_freebsd_for_flaws/

• US military shuns BSD for hopping landmines (18 April 2003)

  https://www.theregister.com/2003/04/18/us_military_shuns_bsd/