CVE-2008-0384 Information

Description

OpenBSD 4.2 allows local users to cause a denial of service (kernel panic) by calling the SIOCGIFRTLABEL IOCTL on an interface that does not have a route label which triggers a NULL pointer dereference when the return value from the rtlabel_id2name function is not checked.

Reference

http://marc.info/?l=openbsd-security-announce&m=120007327504064 http://secunia.com/advisories/28473 http://www.openbsd.org/errata42.html005_ifrtlabel http://www.securityfocus.com/bid/27252 http://www.securitytracker.com/id?1019188 https://www.exploit-db.com/exploits/4935