[Original text] Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
NetBSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user passes an improper syscall argument to a translation function that performs unsafe operations. The issue is also triggered when a malicious user executes a specially-crafted foreign binary. This flaw can cause kernel traps resulting in a loss of availability.
Upgrade to version 2.0 or 1.6.2 after the correction date, as it has been reported to fix this vulnerability. In addition, NetBSD can be patched from files on CVS.
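
The class of bug described above, an unvalidated signal number reaching a compat translation function, is shown below as an added example with the unsafe lookup beside a range-checked one. This is not NetBSD's code: the table contents, `COMPAT_NSIG`, and all function names are hypothetical, and `record_kill` is a stand-in for the native kill path.

```c
#include <errno.h>
#include <stddef.h>

/* Hypothetical foreign-ABI -> native signal map (constructed values). */
#define COMPAT_NSIG 32
static const int compat_to_native_sig[COMPAT_NSIG] = {
    0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
    16, 23, 24, 25, 26, 27, 28, 29, 20, 21, 22, 17, 18, 19, 30, 31
};

/* Unsafe pattern: the caller-supplied number indexes the table directly,
 * so a large or negative value reads outside the array. In kernel
 * context such a read can fault and trap the kernel. */
int translate_sig_unchecked(int compat_sig)
{
    return compat_to_native_sig[compat_sig];
}

/* Hardened pattern: validate the range first and fail with EINVAL. */
int translate_sig_checked(int compat_sig, int *native_sig)
{
    if (native_sig == NULL)
        return EINVAL;
    if (compat_sig < 0 || compat_sig >= COMPAT_NSIG)
        return EINVAL;
    *native_sig = compat_to_native_sig[compat_sig];
    return 0;
}

/* Stand-in for the native kill path: records the translated signal. */
static int last_native_sig = -1;
int record_kill(int pid, int sig)
{
    (void)pid;
    last_native_sig = sig;
    return 0;
}

/* Sketch of a compat kill() wrapper: translate, then hand off. */
int compat_kill(int pid, int compat_sig, int (*native_kill)(int, int))
{
    int sig;
    int error = translate_sig_checked(compat_sig, &sig);
    if (error != 0)
        return error;   /* bad signal number never reaches the native path */
    return native_kill(pid, sig);
}
```

The same range check belongs in every translation function that takes a signal number from user space, including the sigaction path named in the advisory.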