[原文]The bridge functionality in OpenBSD 3.4 and 3.5, when running a gateway configured as a bridging firewall with the link2 option for IPSec enabled, allows remote attackers to cause a denial of service (crash) via an ICMP echo (ping) packet.
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered by processing a single ICMP packet when the system is configured as a bridge with IPSEC processing enabled, and will result in loss of availability for the platform.
Currently, there are no known workarounds or upgrades to correct this issue. However, OpenBSD has released a patch to address this vulnerability.