Note: This is an archival copy of Security Sun Alert 200876 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000665.1.
Article ID : 1000665.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2007-10-08
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerabilities in the Solaris Trusted Extensions "labeld" Service May Lead to a Denial of Service (DoS) Condition


Release Phase

Solaris 10 Operating System

Bug Id
6598913, 6598910

Date of Resolved Release


Two Security Vulnerabilities in Solaris Trusted Extensions label daemon (labeld) may allow a local unprivileged user to stop Trusted Extensions services from running on a system. When this occurs, all existing Trusted Desktop sessions would hang and unprivileged users may not be able to log in to the affected trusted system. This creates a Denial of Service (DoS) condition.

Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Solaris 10 without patch 126448-04

x86 Platform

  • Solaris 10 without patch 126449-04

Note: Solaris 8 and Solaris 9 are not impacted by these issues.

To determine if a system is configured with Trusted Extensions, the following command can be run:

    $ svcs /system/labeld
    STATE          STIME      FMRI
    online  07:08:09   svc:/system/labeld:default

If the state is disabled or if "/system/labeld" service is not listed, then the system is not configured to use Trusted Extensions.


Should the described issue occur, a Trusted Extensions service "svc:/system/labeld" would be in a "maintenance" state.

To determine the state of the "labeld" service, the following command can be run:

    $ svcs /system/labeld
    STATE          STIME      FMRI
    maintenance    07:08:09   svc:/system/labeld:default



There is no workaround. Please see the Resolution section below.


This issue is addressed in the following releases:

SPARC Platform

  • Solaris 10 with patch 126448-04 or later

x86 Platform

  • Solaris 10 with patch 126449-04 or later



This solution has no attachment