Note: This is an archival copy of Security Sun Alert 201135 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000854.1.
Sun Grid Engine 6
Sun Grid Engine 5.3
6398008, 6397987, 6365380
Date of Resolved Release
A security vulnerability in the Sun N1 Grid Engine daemons may allow local unprivileged users to kill either the qmaster or execd process and shutdown the grid service, creating a Denial of Service (DoS) condition. In certain cases, buffer overflows may be exploited by unprivileged local users to gain elevated privileges.
This issue can occur in the following releases:
Should the described exploit occur, the 'qmaster' or 'execd' process is shut down and a core file will be created.
To verify that your 'qmaster' or 'execd' process is not up and running, search in the process table with the 'ps' command for the process name "sge_qmaster" or "sge_execd". The following examples show a running qmaster:
On Mac OS:
$ ps ax | grep sge_qmaster 526 ?? S 12:44.97 /gridware/sge/bin/darwin/sge_qmaster
all other platforms (including Windows, when using Windows Services for UNIX):
$ ps -ef | grep sge_qmaster sgeadmin 13001 1 0 Apr 24 ? 19:17 /gridware/sge/bin/sol-sparc64/sge_qmaster
If no 'qmaster' or 'execd' process was found in the process table the cluster may be affeced by this issue.
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
Note: Sun Grid Engine 5.3 will require an upgrade to N1 Grid Engine 6.0 with the appropriate patches to resolve this issue.
This solution has no attachment