Note: This is an archival copy of Security Sun Alert 250066 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019972.1.
Date of Resolved Release
A Solaris Kernel Security Vulnerability on Systems Using the Sun UltraSPARC T2 and T2+ Processors May Allow Denial of Service (DoS)
A security vulnerability in the sun4v kernel for Sun UltraSPARC T2 and UltraSPARC T2+ systems may allow a local unprivileged user to panic the system, which is a type of Denial of Service (DoS).
2. Contributing Factors
This issue can occur in the following releases:
1. Solaris 8 and 9 do not support the Sun UltraSPARC T2 or UltraSPARC T2+ processor and thus are not impacted by this issue.
2. Solaris 10 is not impacted by this issue.
3. This issue only affects systems with a Sun UltraSPARC T2 or UltraSPARC T2+ processor and therefore does not affect the x86 platform.
To determine if a system has either a Sun UltraSPARC T2 or UltraSPARC T2+ processor, the following command can be run:
$ modinfo | grep SUNW,UltraSPARC-T2If output is returned similiar to the following:
3 12c3d40 5450 - 0 SUNW,UltraSPARC-T2 ()or:
4 121c460 6520 - 0 SUNW,UltraSPARC-T2+ ()then the system has a Sun UltraSPARC T2 or UltraSPARC T2+ processor.
If the described issue occurs, the system may panic with a stack trace similar to the following:
panic[cpu16]/thread=30005406e80: bad stack overflow at TL 1
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following release:
For more information on Security Sun Alerts, see 1009886.1.
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This security issue was caused by the putback for 6368478.
This solution has no attachment