Note: This is an archival copy of Security Sun Alert 201340 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001014.1.
Solaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Date of Resolved Release
A security vulnerability in the Special File System (SPECFS) strfreectty() function may allow an unprivileged local user to panic the system, creating a Denial of Service (DoS).
This issue can occur in the following releases:
The panic stack backtrace will show strfreectty() erroneously passing a NULL pointer to pgsignal().
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
This solution has no attachment