=====================================================================
CERT-Renater Note d'Information No. 2004/VULN230
_____________________________________________________________________

DATE                 : 14/05/2004 (14 May 2004)
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : OpenBSD -stable, 3.4, 3.5
======================================================================

Incorrect bounds checking in several procfs functions could allow an
unprivileged malicious user to read arbitrary kernel memory, with the
potential to use this information to escalate privilege.

OpenBSD does not mount the proc filesystem by default, and we continue
to recommend against its use. To see whether a system is exposed, look
for a procfs entry in the output of mount(8) and in /etc/fstab; the
affected code is only reachable while procfs is mounted, and an
unprivileged user cannot mount it.

The CVS -stable branches have been updated to contain a fix, which is
also available in patch form for 3.4 and 3.5.

Credit goes to Deprotect Advisories for identification of the bug.

Patches:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/006_procfs.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/020_procfs.patch
======================================================================

=========================================================
CERT-Renater reference servers
http://www.urec.fr/securite
http://www.cru.fr/securite
http://www.renater.fr
=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44       +
+ 151 bd de l'Hopital   | fax : 01-53-94-20-41       +
+ 75013 Paris           | email: certsvp@renater.fr  +
=========================================================
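The advisory names the bug class (a read handler whose bounds check lets a caller walk past the object it is meant to expose) but not the code. The following is an added illustration written for this note, not OpenBSD's procfs source and not the fix in the patches above. It models a file whose first 16 bytes of backing memory are exported to readers and whose next 16 bytes are private, then shows a handler that checks the offset and the length separately beside one that checks them together. The buffer contents, the names read_flawed, read_fixed and leaked_bytes, and the 16/32-byte layout are all constructed for the example.

```c
/* Illustrative model of an incomplete bounds check in a pseudo-file
 * read handler (constructed example, not OpenBSD procfs code). */
#include <stddef.h>
#include <string.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed backing store: bytes [0, EXPORTED_LEN) may be handed to
 * a reader; everything after that stands in for adjacent kernel memory
 * that must never be copied out.  Total size is 2 * EXPORTED_LEN so
 * every read in this model stays inside the array (no undefined
 * behaviour is needed to show the over-read). */
#define EXPORTED_LEN 16
static char g_mem[2 * EXPORTED_LEN] = "procfs-public\0\0\0KERNELSECRET";

typedef ssize_t (*read_fn)(char *dst, size_t off, size_t len);

/* Flawed handler: rejects an offset past the end and a length larger
 * than the object, but never compares off + len against the size, so
 * off = 8, len = 16 passes both tests and copies 8 private bytes. */
static ssize_t read_flawed(char *dst, size_t off, size_t len)
{
    if (off >= EXPORTED_LEN)
        return 0;                       /* EOF */
    if (len > EXPORTED_LEN)
        return -1;                      /* length checked in isolation */
    memcpy(dst, g_mem + off, len);      /* may run past EXPORTED_LEN */
    return (ssize_t)len;
}

/* Fixed handler: clamps the length to what remains after the offset.
 * Because off < EXPORTED_LEN has already been established, the
 * subtraction cannot wrap. */
static ssize_t read_fixed(char *dst, size_t off, size_t len)
{
    if (off >= EXPORTED_LEN)
        return 0;                       /* EOF */
    if (len > EXPORTED_LEN - off)
        len = EXPORTED_LEN - off;       /* never hand out more than remains */
    memcpy(dst, g_mem + off, len);
    return (ssize_t)len;
}

/* Performs one read with the given handler and returns how many of the
 * returned bytes lie beyond the exported region, i.e. how many private
 * bytes leaked (0 means the handler behaved).  Every returned byte at
 * position i was copied from g_mem[off + i], so a byte leaked exactly
 * when off + i >= EXPORTED_LEN. */
static size_t leaked_bytes(read_fn fn, size_t off, size_t len)
{
    char out[sizeof g_mem];
    ssize_t n;
    size_t i, leaked = 0;

    if (len > sizeof out)
        return 0;                       /* keep our own scratch buffer in bounds */
    n = fn(out, off, len);
    for (i = 0; n > 0 && i < (size_t)n; i++)
        if (off + i >= EXPORTED_LEN)
            leaked++;
    return leaked;
}

int main(void)
{
    printf("flawed handler, off=8 len=16: %zu private bytes leaked\n",
           leaked_bytes(read_flawed, 8, 16));
    printf("fixed handler,  off=8 len=16: %zu private bytes leaked\n",
           leaked_bytes(read_fixed, 8, 16));
    return 0;
}
```

The point to carry over to a review of any procfs-style handler: a check on the offset and a separate check on the length do not bound the copy; the quantity that has to be compared against the object size is their sum, or equivalently the length has to be clamped to size minus offset after the offset has been validated.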