Note: This is an archival copy of Security Sun Alert 235122 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019116.1.
Solaris 10 Operating System
Date of Resolved Release
Security Vulnerability in the Solaris 10 Event Port Implementation May Lead to a System Panic (See below for Details)
1. ImpactA security vulnerability in the Solaris 10 event port implementation may lead to a system panic when executing an application program that submits and retreives user-defined events from a port. This may allow a local unprivileged user to cause a system panic resulting in Denial of Service (DoS) condition in the affected host.
2. Contributing FactorsThis issue can occur in the following releases:
3. SymptomsIf the described issue occurs, the following panic string and stack trace may be seen:
BAD TRAP: type=31 rp=2a102e39720 addr=30 mmu_fsr=0 occurred in module "genunix" due to a NULL pointer dereference
4. WorkaroundThere is no workaround for this issue. Please see the Resolution section below.
5. ResolutionThis issue is addressed in the following release:
This solution has no attachment