Note: This is an archival copy of Security Sun Alert 231403 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1018976.1.
Solaris 10 Operating System
Date of Resolved Release
A Security Vulnerability Relating to Inter-Process Communication (IPC) May Lead to a Denial of Service (DoS)
1. ImpactA security vulnerability relating to the Inter-Process Communication (IPC) message queue sub-system may allow a local unprivileged user to block all I/O on a message queue until the system is rebooted. This is a type of Denial of Service (DoS).
2. Contributing FactorsThis issue can occur in the following releases:
3. SymptomsIPC message queue I/O (from the perspective of the application) to one or more message queues will hang. An attempt to ascertain the state of the message queue sub-system with the command
$ ipcs -qawill also hang after the command has output its heading to the screen.
For further confirmation that this issue has occurred, a system panic could be forced when the above symptom was being exhibited, and the following command run on the resultant core file:
# echo "::walk thread_cache |::findstack !grep msg_fnd_neg_snd" |mdb -k unix.0 vmcore.This indicates that the kernel function msg_fnd_neg_snd() was present on one of the thread stack backtraces which is another symptom that this issue has likely occurred.
4. WorkaroundThere is no workaround for this issue. Please see the Resolution section below.
5. ResolutionThis issue is addressed in the following releases:
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This solution has no attachment