NetBSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a shell script used to install System V Release 4 (SVR4) binary compatibility mismatches device major numbers during device creation, resulting in read and write access to any data on the first IDE disk. This flaw may lead to a loss of integrity.
NetBSD has released a patch to address this vulnerability. Also, it is possible to correct the flaw by implementing the following workaround: remove the existing device special file and create a new one.
#/bin/rm -f /emul/svr4/dev/wabi
#/sbin/mknod /emul/svr4/dev/wabi c 2 2
#/bin/chmod u=rw,g=rw,o=rw /emul/svr4/dev/wabi