[原文]NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service (kernel assertion panic) via a negative linger time in the SO_LINGER socket option.
NetBSD SO_LINGER Socket Option Negative Value Local DoS
Local Access Required
Denial of Service,
Loss of Availability
NetBSD contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user passes a negative value for linger time through the SO_LINGER socket option, and will result in loss of availability for the platform.
Upgrade to version 2.1 after the correction date or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: remove "options DIAGNOSTIC" from the kernel configuration file and recompile.