Note: This is an archival copy of Security Sun Alert 200582 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000444.1.
Solaris 9 Operating System
Solaris 10 Operating System
Date of Resolved Release
A security vulnerability in the Solaris Volume Manager (SVM) ioctl(2) interface may allow a local unprivileged user the ability to cause a system panic, which is a type of Denial of Service (DoS).
This issue can occur in the following releases:
NOTE: Solaris 8 Volume Management services are provided by Solstice Disksuite 4.2.1 rather than SVM and thus Solaris 8 is not affected by this issue.
Should the described issue occur, the system will panic with a stack trace similar to the following:
.... md_base_ioctl() md_admin_ioctl() mdioctl() cdev_ioctl() spec_ioctl() ioctl+0x1a7() _sys_call+0xe5()
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
This solution has no attachment