Errata patches for IPsec have been released for OpenBSD 6.3 and 6.2. A malicious packet can cause a kernel crash when using IPsec over IPv6.
Binary updates for the amd64, i386, and arm64 platforms are available via the syspatch utility. Source code patches can be found on the respective errata pages: https://www.openbsd.org/errata62.html https://www.openbsd.org/errata63.html As these affect the kernel, a reboot will be needed after patching.
