Note: This is an archival copy of Security Sun Alert 200659 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000516.1.
Solaris 9 Operating System
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Resolved Release
Sending specific UDP RPC packets to a Solaris machine may cause it to allocate large amounts of memory, eventually exhausting the swap space and effectively disabling the system.
Such UDP RPC packets may be caused by misbehaving RPC clients, hardware errors, or malicious (local or remote) users.
Please see Sun Alert document 50747 for a related issue.
This issue can occur in the following releases:
Note: Solaris 9 on Intel platforms is not affected.
Solaris 2.5.1 will not be evaluated regarding the potential impact of the issue described in this Sun Alert document.
Possible symptoms of this issue are:
1. Memory allocation errors logged in the "/var/adm/messages" file by applications, for example:
[ID 462250 daemon.error] xdr_string: out of memory
or generic memory exhaustion warnings, for example:
tmpfs: WARNING: /tmp: File system full, swap space limit exceeded
2. The RPC process receiving the malicious RPC packet might report erroneous arguments, for example the "nisstat" command may report:
where "E=2" indicates two errors in previous RPC calls, or, as a second example, "rpcinfo -m" may report failed RPC calls as shown below:
RPCBIND (version 4) statistics
NULL    SET     UNSET   GETADDR DUMP    CALLIT  TIME    U2T     T2U
0       0/0     0/0     0/100   0       0/0     0       0       0
(here, "0/100" indicates 100 failed "GETADDR" RPC calls).
3. The process receiving the malicious RPC packet will consume a large (and possibly growing) amount of memory (this can be checked by using the "-o vsz" option with the ps(1) command).
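The three symptoms above can be checked with a small triage script. This is an added example, not part of the original Sun Alert; the function names, the 500000 KB limit and the sample input are assumptions made for illustration, and the "rpcinfo -m" parser assumes every section has the title, name row, value row layout shown in symptom 2.

```sh
# Added triage sketch for the three symptoms in this alert (assumes a POSIX awk).
# Symptom 1: count the two log signatures quoted in the alert (stdin: messages file).
count_memory_errors() {
    awk '/xdr_string: out of memory/ || /swap space limit exceeded/ { n++ }
         END { print n + 0 }'
}

# Symptom 2: list procedures whose "ok/failed" counter shows failures (stdin: rpcinfo -m).
rpcbind_failed_calls() {
    awk '/statistics$/ { section = $1 " " $2 " " $3; want = "names"; next }
         want == "names" && NF > 0 {
             for (i = 1; i <= NF; i++) name[i] = $i
             want = "values"; next
         }
         want == "values" && NF > 0 {
             for (i = 1; i <= NF; i++)
                 if (split($i, c, "/") == 2 && c[2] + 0 > 0)
                     print section, name[i], c[2]
             want = ""
         }'
}

# Symptom 3: flag processes above a vsz limit in KB (stdin: ps -e -o pid,vsz,comm).
large_vsz() {
    awk -v limit="$1" 'NR > 1 && $2 + 0 > limit + 0 { print $1, $2, $3 }'
}

sample_messages() {   # constructed log lines
    cat <<'EOF'
Jan  1 00:00:01 host rpcbind[123]: [ID 462250 daemon.error] xdr_string: out of memory
Jan  1 00:00:02 host tmpfs: WARNING: /tmp: File system full, swap space limit exceeded
Jan  1 00:00:03 host sshd[456]: Accepted publickey for admin
EOF
}
sample_rpcinfo() {    # values from the rpcinfo -m example in symptom 2
    cat <<'EOF'
RPCBIND (version 4) statistics
NULL    SET     UNSET   GETADDR DUMP    CALLIT  TIME    U2T     T2U
0       0/0     0/0     0/100   0       0/0     0       0       0
EOF
}
sample_ps() {         # constructed ps output
    printf '%s\n' '  PID    VSZ COMMAND' '  123 912345 rpcbind' '  456   4321 sshd'
}

echo "memory-error lines: $(sample_messages | count_memory_errors)"
sample_rpcinfo | rpcbind_failed_calls
sample_ps | large_vsz 500000   # limit is an arbitrary example value
```

On a live system the same functions take "/var/adm/messages", the output of "rpcinfo -m" and the output of "ps -e -o pid,vsz,comm" on standard input in place of the sample data.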
There is no workaround. Please see the "Resolution" section below.
This issue is addressed in the following releases:
To address the described issue, customers running Solaris 2.5.1 should upgrade to Solaris 2.6 (or later) with the appropriate patches.
Please see Sun Alert document 50747 for potential side effects of installing the above patches.