Frank DENIS random thoughts.

A security hole in the OpenBSD IPv6 stack

Core Security Technologies has published an advisory titled OpenBSD’s IPv6 mbufs remote kernel buffer overflow.

The issue is serious, and the “Only one remote hole in the default install, in more than 10 years!” statement of OpenBSD has just been updated to “Only two remote holes…”

A security hole in the IPv6 code can be remotely exploited to execute arbitrary kernel code.

This is only exploitable if a vulnerable host can process IPv6 packets. If the host has no external IPv6 network address, attacks are only possible from other hosts on the local network.

If you don’t use IPv6, a quick workaround is to add this rule to your /etc/pf.conf file:


block in quick inet6

And then, enable pf if it wasn’t already running.
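The workaround only holds if no earlier rule lets inbound IPv6 through first, since `quick` rules are evaluated in order and `set skip` exempts an interface from filtering. The following is an added example, not part of the original post or of OpenBSD: `audit_pf_inet6` is a hypothetical helper that heuristically checks a pf.conf for this (it does not expand macros, tables or anchors), and the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example: audit_pf_inet6 is a hypothetical helper, not an OpenBSD tool.
# Exit status: 0 = workaround effective, 1 = something earlier may bypass it,
# 2 = workaround rule missing. Reads a pf.conf from a file argument or stdin.
audit_pf_inet6() {
    awk '
    { sub(/#.*/, ""); if (NF == 0) next }      # drop comments and blank lines
    # "set skip on <if>" turns pf off for that interface altogether.
    $1 == "set" && $2 == "skip" {
        printf "line %d: \"%s\" exempts an interface from filtering\n", NR, $0
        bad = 1; next
    }
    # The workaround itself; "quick" stops evaluation, so later rules are moot.
    $1 == "block" && $2 == "in" && $3 == "quick" && $4 == "inet6" &&
        (NF == 4 || (NF == 5 && $5 == "all")) { found = 1; exit }
    # An earlier "pass ... quick" not limited to "inet" (IPv4) wins first.
    $1 == "pass" && $2 != "out" {
        quick = 0; v4 = 0
        for (i = 2; i <= NF; i++) {
            if ($i == "quick") quick = 1
            if ($i == "inet") v4 = 1
        }
        if (quick && !v4) {
            printf "line %d: \"%s\" may pass IPv6 before the block\n", NR, $0
            bad = 1
        }
    }
    END {
        if (!found) { print "no \"block in quick inet6\" rule found"; exit 2 }
        exit bad + 0
    }' "$@"
}

# Constructed sample: the ssh rule precedes the workaround, so IPv6 ssh gets in.
audit_pf_inet6 <<'EOF'
pass in quick on em0 proto tcp from any to any port 22  # no address family
block in quick inet6
pass out keep state
EOF
echo "audit exit status: $?"
# On the host, as root: pfctl -nf /etc/pf.conf (syntax check only),
# pfctl -f /etc/pf.conf (load), pfctl -e (enable pf), pfctl -sr (list rules).
```

Placing the block rule first among the filter rules makes the audit return 0 for the sample.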

OpenBSD 4.1 is not vulnerable.

But previous versions are. Patches are available to fix that issue. Here’s the errata for OpenBSD 4.0 and the errata for OpenBSD 3.9.