from Hacker News

OpenBSD crond / crontab set_range() heap underflow (CVE-2024-43688)

by g0xA52A2A on 8/20/24, 4:20 AM with 1 comments

• by rkta on 8/20/24, 5:34 AM

  > An attacker can use this vulnerability to obtain root on OpenBSD 7.4 and 7.5.

  Ouch! And this all due to unsanitized user input. I really would have expected better from OpenBSD in 2023. I mean I would expect better from everyone but especially from OpenBSD.