untrusted comment: verify with openbsd-66-base.pub
RWSvK/c+cFe24DOhE/lJTsJIT6rwHwWuXRPUGPqEWkK2ncm1XyFxCvFzaR2A/w+lnOwdJEkkLBcfj09jM7jiJOn6auiMX+t4Bgo=

OpenBSD 6.6 errata 013, December 11, 2019:

ld.so may fail to remove the LD_LIBRARY_PATH environment variable for
set-user-ID and set-group-ID executables in low memory conditions.

Apply by doing:
    signify -Vep /etc/signify/openbsd-66-base.pub -x 013_ldso.patch.sig \
        -m - | (cd /usr/src && patch -p0)

And then rebuild and install ld.so:
    cd /usr/src/libexec/ld.so
    make obj
    make
    make install

Index: libexec/ld.so/loader.c
===================================================================
RCS file: /cvs/src/libexec/ld.so/loader.c,v
retrieving revision 1.187
diff -u -p -u -r1.187 loader.c
--- libexec/ld.so/loader.c	4 Oct 2019 17:42:16 -0000	1.187
+++ libexec/ld.so/loader.c	11 Dec 2019 17:07:27 -0000
@@ -262,13 +262,14 @@ _dl_dopreload(char *paths)
 void
 _dl_setup_env(const char *argv0, char **envp)
 {
+	char *libpath;
 	static char progname_storage[NAME_MAX+1] = "";
 
 	/*
 	 * Get paths to various things we are going to use.
 	 */
 	_dl_debug = _dl_getenv("LD_DEBUG", envp) != NULL;
-	_dl_libpath = _dl_split_path(_dl_getenv("LD_LIBRARY_PATH", envp));
+	libpath = _dl_getenv("LD_LIBRARY_PATH", envp);
 	_dl_preload = _dl_getenv("LD_PRELOAD", envp);
 	_dl_bindnow = _dl_getenv("LD_BIND_NOW", envp) != NULL;
 	_dl_traceld = _dl_getenv("LD_TRACE_LOADED_OBJECTS", envp) != NULL;
@@ -282,9 +283,8 @@ _dl_setup_env(const char *argv0, char **
 	 */
 	_dl_trust = !_dl_issetugid();
 	if (!_dl_trust) {	/* Zap paths if s[ug]id... */
-		if (_dl_libpath) {
-			_dl_free_path(_dl_libpath);
-			_dl_libpath = NULL;
+		if (libpath) {
+			libpath = NULL;
 			_dl_unsetenv("LD_LIBRARY_PATH", envp);
 		}
 		if (_dl_preload) {
@@ -300,6 +300,8 @@ _dl_setup_env(const char *argv0, char **
 			_dl_unsetenv("LD_DEBUG", envp);
 		}
 	}
+	if (libpath)
+		_dl_libpath = _dl_split_path(libpath);
 	environ = envp;
 
 	_dl_trace_setup(envp);