Note: This is an archival copy of Security Sun Alert 241066 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019556.1.
Solaris 10 Operating System
Date of Resolved Release
A Security Vulnerability in the Solaris NFS Kernel Module:
A security vulnerability in the Solaris NFS kernel module on Solaris 10 systems with kernel patches 120011-14 (SPARC) and 120012-14 (x86), may allow a local unprivileged user to cause an NFS server to panic, resulting in a Denial of Service (DoS).
2. Contributing Factors
This issue can occur in the following releases:
Note 2: OpenSolaris distributions may include additional bug fixes above and beyond the build from which it was derived. To determine the base build of OpenSolaris, the following command can be used:
$ uname -vTo determine if a system has a Package Repository Update (PRU) installed that addresses this issue, execute the following command:
$ pkg contents -o name,value -t set | grep 66144163. Symptoms
If the described issue occurs, the NFS server system may panic with a stack trace similar to the following:
> $C4. Workaround
To work around the described issue, mount the NFS file system on the NFS client side with mount_nfs(1M) "-o nodevices" option.
This issue is addressed in the following releases:
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
27-Aug-2008: Updated the Workaround section
This solution has no attachment