Note: This is an archival copy of Security Sun Alert 200079 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000063.1.
Solaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Date of Resolved Release
A security vulnerability related to a race condition during the handling of thread contexts in the Solaris kernel may allow a local unprivileged user to panic the system and thereby cause a Denial of Service (DoS) condition.
This issue can occur in the following releases:
A number of different types of panic can result, making it difficult to quickly pin-point this issue as the cause. However, as an example, the following command can be run on a crash dump:
# echo "*panic_thread::findstack !grep kcpc_free" |mdb unix.0 vmcore.0
and if output similar to the following is produced:
it is likely that this issue has occurred.
Note: by default, crash dumps are written to "/var/crash/<uname -n>". See dumpadm(1M) for further information.
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
Note: There are additional patches which complete the fix for 6351092 but these patches are not required to secure a system against the vulnerability in this Sun Alert. The additional patches are only required to ensure consistency with and correct functioning of the debug facilities on your system. (The Solaris 10 SPARC and x86 kernel patches and the Solaris 9 x86 patch deliver all the files for this change and so these releases are not listed below).
These additional patches which are not required to fix the vulnerability are:
This solution has no attachment