=====================================================================
                                 CERT-Renater

                      Note d'Information No. 2003/VULN347
_____________________________________________________________________

DATE                      : 20/11/2003

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : OpenBSD 3.3, 3.4
                            
======================================================================


Georgi Guninski reported a stack overrun due to a missing bounds check 
in the kernel's iBCS2 emulation.  Another similar problem was also fixed 
at the same time.

This issue only affects the i386 architecture.

On OpenBSD 3.3, this may result in arbitray code execution and local user
privilege escalation.

On OpenBSD 3.4, ProPolice catches this, turning a potential privilege
escalation into a denial of service.

Fixes have been committed to the -stable cvs branches, and patches are
also available at

  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/i386/006_ibcs2.patch
and
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/i386/011_ibcs2.patch


======================================================================

        =========================================================
        Les serveurs de référence du CERT-Renater
        http://www.urec.fr/securite
        http://www.cru.fr/securite
        http://www.renater.fr 
	=========================================================
	+ CERT-RENATER		| tel : 01-53-94-20-44		+
	+ 151 bd de l'Hopital	| fax : 01-53-94-20-41		+
	+ 75013 Paris		| email: certsvp@renater.fr	+
	=========================================================