The results of fuzzing testing of the OpenBSD ping utility have been published following the recent discovery of a remotely exploitable vulnerability in the ping utility supplied with FreeBSD. The ping utility used in OpenBSD is not affected by the problem identified in FreeBSD (the vulnerability is present in the new implementation of the pr_pack() function, rewritten by the FreeBSD developers in 2019), but during the test another bug surfaced that had remained undetected for 24 years. The error causes an infinite loop when processing a response with a zero-size option field in an IP packet. The fix is ββalready included with OpenBSD. The issue is not considered a vulnerability because the network stack in the OpenBSD kernel does not allow such packets to enter user space.
Source: opennet.ru