It sounds like one local privilege escalation (possibly?) and a series of crashers?<p>Honestly walking away with those being the highest severity bugs is a credit to the OpenBSD team and their focus on security. They're totally bugs and it sounds like they're getting fixed immediately, but... many kernels fix these types of things all the time and don't even consider them security bugs.
And for those not aware, Project Triforce, is NCC's effort to run the wonderful fuzzer American Fuzzy Lop, on everything:<p><a href="https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/june/project-triforce-run-afl-on-everything/" rel="nofollow">https://www.nccgroup.trust/us/about-us/newsroom-and-events/b...</a>
I wish someone would release something like Fuzzing At Home. I've got computer power to throw at it, but I don't really have the expertise to do the setup work...
It's striking how many of these issues cause panics because of assertions that were already in the code. Without good assertion use, I would assume that many of these would have been much worse.
More readable archived copy:
<a href="http://permalink.gmane.org/gmane.comp.security.oss.general/19946" rel="nofollow">http://permalink.gmane.org/gmane.comp.security.oss.general/1...</a><p>(I'm not a fan of gmane, but it did a better job with this particular mail than the alternatives.)
Ted U. announced that usermount will be removed in OpenBSD 6.0<p><a href="https://marc.info/?l=openbsd-announce&m=146854517406640&w=2" rel="nofollow">https://marc.info/?l=openbsd-announce&m=146854517406640&w=2</a>
Firstly glad to see these reported and fixed.<p>Secondly how many of these were remotely exploitable? Yes OpenBSD is limited in it's exposure with the "base system", but it seems like few of these pose as "holes" for the system? Arguably pledge(2) could factor into this, maybe? I'll let someone better qualified comment.<p>Again glad to see these fixed. But is the baseline free user access to the whole system for NetSec/ OpSec these days? I don't know maybe it is.<p>I'm just reluctant to have to read through the HN, "OMG OpenBSD had CVEs" and "C is insecure". Arguably the later has some merit but C isn't going away anytime soon, for better or for worse.
While a bit surprising to see so many at once in OBSD kudos to the team for the rapid response and to those who found the bugs for their responsible disclosure.
Fuzzing is not something I have looked at seriously (to be honest it seems like asking clients to take up running before walking) but the outcomes are ... Impressive.