December 14th, 2004, 13:08
Markus Friedl reported this on misc@ today:

"On systems running isakmpd(8) it is possible for a local user to cause kernel memory corruption and system panic by setting ipsec(4) credentials on a socket. Stopping isakmpd(8) does not prevent the memory corruption.

This has been fixed in OpenBSD-current, and the OpenBSD 3.6, 3.5, and 3.4 -stable branches. Patches are also available for OpenBSD 3.6, 3.5 and 3.4:


Thanks to Stefan Miltchev for reporting the problem."