Note: This is an archival copy of Security Sun Alert 200370 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000262.1.
Solaris 9 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Resolved Release
Local unprivileged users may be able to panic Solaris systems with Basic Security Module (BSM) enabled, causing a Denial of Service (DoS). This issue can only occur on systems where BSM has been configured to audit the Administrative audit class "ad" or the System-Wide Administration audit class "as".
This issue can occur in the following releases:
Note: This issue can only occur on systems with BSM configured to audit either the Administrative audit class "ad" or the System-Wide Administration audit class "as".
If a Solaris system has BSM enabled, the following line will be present in the "/etc/system" file:
    $ grep c2audit /etc/system
    set c2audit:audit_load = 1
To determine if either the Administrative audit class or the System-Wide Administration audit class is configured to be audited, the "flags" line of the "/etc/security/audit_control" file will contain either "ad" or "as":
    # egrep '^flags:.*a[sd]' /etc/security/audit_control
    flags:lo,ad
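The two checks above combined into one script, as an added example that is not part of the original alert. The function names are hypothetical, the sample files are constructed, and counting a class that carries a "+", "-" or "^" prefix as audited is an assumption made so the check errs on the side of reporting.

```shell
#!/bin/sh
# Added example: tests both preconditions named in the alert against given files.

# bsm_enabled FILE: true if FILE has an active "set c2audit:audit_load = 1" line.
bsm_enabled() {
    # Comment lines in /etc/system start with "*" and fail the anchored match.
    grep -E '^[[:space:]]*set[[:space:]]+c2audit:audit_load[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1" >/dev/null 2>&1
}

# audited_admin_classes FILE: prints which of "ad"/"as" appear on the flags: line.
audited_admin_classes() {
    sed -n 's/^flags:[[:space:]]*//p' "$1" 2>/dev/null | tr ',' '\n' |
    while read -r tok; do
        # Assumption: a prefixed class (+ad, -as, ^ad) is still reported.
        cls=$(printf '%s' "$tok" | sed 's/^[-+^]*//')
        case $cls in
            ad|as) printf '%s\n' "$cls" ;;
        esac
    done | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# bsm_panic_exposed SYSTEM_FILE AUDIT_CONTROL: exit 0 when both preconditions hold.
bsm_panic_exposed() {
    bsm_enabled "$1" || return 1
    [ -n "$(audited_admin_classes "$2")" ]
}

# Constructed sample files (not taken from a real host).
demo=$(mktemp -d)
printf '* audit module\nset c2audit:audit_load = 1\n' > "$demo/system"
printf 'dir:/var/audit\nflags:lo,ad\nminfree:20\nnaflags:lo\n' > "$demo/audit_control"
if bsm_panic_exposed "$demo/system" "$demo/audit_control"; then
    echo "exposed: BSM enabled, auditing class(es): $(audited_admin_classes "$demo/audit_control")"
else
    echo "not exposed"
fi
rm -rf "$demo"
```

On a live host the arguments would be /etc/system and /etc/security/audit_control. Unlike the egrep pattern, the token match ignores the "naflags:" line and any class name that merely contains "ad" or "as".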
The system panics with a stack trace similar to the following:
    pcache_poll+0x98(0, 30005437bc8, 25, 2a100aebaec, 1, 20)
    poll+0x3e0(ffbfaa60, 1, 300053f7ef0, 1388, 0, 18)
    syscall_trap32+0xa8(ffbfaa60, 3, 1388, 0, 1388, 0)
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases: