Note: This is an archival copy of Security Sun Alert 233921 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019056.1.
Date of Resolved Release
A Security Vulnerability in Floating Point Context Switch Implementation May Result in a Denial of Service (DoS) or Data Integrity Issues
1. Impact
There are four issues that may occur with this Bug:
1. A security vulnerability in the Solaris floating point context switch implementation may allow a local unprivileged user to cause an arbitrary application running on the system to exit, resulting in a Denial of Service (DoS) to that application. It is not possible to target a particular application on the system to terminate.
2. An application executing floating point operations on the system may get incorrect results due to data corruption.
3. An application, on invoking signal handlers under certain conditions, may cause an arbitrary application running on the system to get incorrect results leading to data integrity issues. It is not possible to target a particular application to lead to incorrect results.
4. An application on Solaris 10 using libc(3LIB) functions memcpy(3C) or memset(3C) or memmove(3C) may get incorrect results, leading to data integrity issues.
2. Contributing Factors
These issues can occur in the following releases:
3. Symptoms
The program executing floating point operations exits and dumps an application core due to an unexpected SIGFPE. Otherwise, there will be no symptom other than incorrect operation of an application.
4. Workaround
There is no workaround for this issue. Please see the Resolution section below.
5. Resolution
These issues are addressed in the following releases:
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
Solaris 9 Operating System
Solaris 10 Operating System