"PaX is also still the only project that focuses at all on preventing kernel exploits as well with its KERNEXEC (and soon, KERNSEAL) feature. Expect OpenBSD to independently invent a protection against null ptr deref bugs sometime in 2009."
I couldn't find much information on this (as was to be expected since I'm assuming, of course, it's still in the works) however I did stumble upon "kernseal.txt 2003.05.01 14:20 GMT sealed kernel storage design & implementation" on the PaX documentation page. I'm really curious; can we expect this new feature in the next release? Sound's pretty interesting in my opinion, so you can imagine my excitement in waiting for details.
Love the OpenBSD remark by the way.