[原文]The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
NetBSD contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user sends a carefully prepared OSI networking packet to a victim system that is using the OSI networking kernel (sys/netiso), and will result in loss of availability for the platform.
NetBSD has released a patch, with detailed instructions for each version in its advisory, to address this vulnerability. It is possible to correct the flaw by implementing the following workaround(s): do not configure OSI addresses onto your system, disable any OSI addresses already configured, and configure/boot a kernel without "options OSI".