Category
Security
Release Phase
Resolved
ProductSolaris 9 Operating System
Solaris 8 Operating System
Bug Id
4935283
Date of Resolved Release23-APR-2004
Impact
A security vulnerability with the Solaris TCP/IP networking stack may allow a local unprivileged user the ability to panic the system causing a Denial of Service.
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
-
Solaris 8 without patch 116895-01 or patch 117000-03
-
Solaris 9 without patch 112233-12
x86 Platform
-
Solaris 8 without patch 116896-01 or patch 117001-03
-
Solaris 9 without patch 112234-12
Note 1: Solaris 7 is not impacted by this issue.
Note 2: Patch 116895-01 has been accumulated and obsoleted by patch 117000-03 and patch 116896-01 has been accumulated and obsoleted by patch 117001-03
Symptoms
If the described issue occurs, the system will panic with a stack trace similar to the following:
putnext+0x4()
ip_sioctl_copyin_done+0x2a94()
ip_wput_nondata+0x198()
putnext+0x21c()
udp_wput_iocdata+0x2c()
udp_wput+0x5cc()
putnext+0x21c()
strdoioctl+0x788()
strioctl+0x10a4()
sock_ioctl+0xcec()
ioctl+0x1f8()
syscall_trap32+0xa8(
Workaround
There is no workaround. Please see the "Resolution" section below.
Resolution
This issue is addressed in the following releases:
SPARC Platform
-
Solaris 8 with patch 116895-01 or patch 117000-03 or later
-
Solaris 9 with patch 112233-12 or later
x86 Platform
-
Solaris 8 with patch 116896-01 or patch 117001-03 or later
-
Solaris 9 with patch 112234-12 or later
Note: Patch 116895-01 has been accumulated and obsoleted by patch 117000-03 and patch 116896-01 has been accumulated and obsoleted by patch 117001-03
Modification History
References
112233-12
112234-12
117000-03
117001-03
AttachmentsThis solution has no attachment