The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows malicious users to cause a denial of service (panic) via malformed IPv6 routing headers.
openbsd openbsd 4.2