Note: This is an archival copy of Security Sun Alert 200435 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000317.1.
Solaris 10 Operating System
Date of Resolved Release
A security vulnerability in Solaris 10 may allow a local unprivileged user the ability to cause a system panic in the "/proc" (see proc(4)) filesystem, creating a Denial of Service (DoS).
Note: This issue applies to Solaris 10 systems with and without zones. Systems with one or more zones installed may experience this issue in both the global and non-global zone(s).
This issue can occur in the following releases:
Note: Solaris 8 and 9 are not impacted by this issue.
The system will panic with a message similar to the following:
BAD TRAP: type=e (#pf Page fault) rp=d48dce48 addr=24 occurred in module "procfs" due to a NULL pointer dereference
There is no workaround to this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
This solution has no attachment