untrusted comment: verify with openbsd-68-base.pub
RWQZj25CSG5R2h7LFmAu1l2QlTNpkZM5O9FpvyBh29lTUHqg5lv+cy1JX6sjnHI4hTCxfZyw13PgXDKpfHyHFjSAXFf4liknwQU=

OpenBSD 6.8 errata 012, January 13, 2021:

Use of bpf(4) on a carp interface could result in a use after free
error.

Apply by doing:
   signify -Vep /etc/signify/openbsd-68-base.pub -x 012_carp.patch.sig \
       -m - | (cd /usr/src && patch -p0)

And then rebuild and install a new kernel:
   KK=`sysctl -n kern.osversion | cut -d# -f1`
   cd /usr/src/sys/arch/`machine`/compile/$KK
   make obj
   make config
   make
   make install

Index: sys/netinet/ip_carp.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_carp.c,v
retrieving revision 1.349
diff -u -p -r1.349 ip_carp.c
--- sys/netinet/ip_carp.c       28 Jul 2020 16:44:34 -0000      1.349
+++ sys/netinet/ip_carp.c       8 Jan 2021 13:38:29 -0000
@@ -2282,10 +2282,8 @@ carp_transmit(struct carp_softc *sc, str
#if NBPFILTER > 0
       {
               caddr_t if_bpf = ifp->if_bpf;
-               if (if_bpf) {
-                       if (bpf_mtap_ether(if_bpf, m, BPF_DIRECTION_OUT))
-                               m_freem(m);
-               }
+               if (if_bpf)
+                       bpf_mtap_ether(if_bpf, m, BPF_DIRECTION_OUT);
       }
#endif /* NBPFILTER > 0 */

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.