[原文]The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference.
NetBSD SIOCGIFALIAS ioctl() Crafted Request Local DoS
Local Access Required
Denial of Service
Loss of Availability
NetBSD contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user attempts to gather information on a non-existent alias of a network interface via the SIOCGIFALIAS ioctl, resulting in a NULL dereference in the kernel when the alias in question is not located. This will lead to a loss of availability for the platform.
Obtain fixed kernel sources, rebuild and install the new kernel, and reboot the system.
The fixed source may be obtained from the NetBSD CVS repository.