Integer truncation error in the amap_alloc function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.
http://www.securitytracker.com/id/1036318
http://www.securityfocus.com/bid/91805
http://www.openwall.com/lists/oss-security/2016/07/14/5