Category
Security
Release Phase
Resolved
Bug Id
6797796
ProductSolaris 10 Operating System
OpenSolaris
Date of Workaround Release27-Jan-2009
Date of Resolved Release03-Apr-2009
A Security Vulnerability in Solaris IPv6 Implementation (ip6(7p)) May Cause a System Panic
1. Impact
An insufficient validation security vulnerability in the Solaris IPv6
implementation (ip6(7p)) may allow a remote privileged user to panic
the system using a crafted packet. This is a type of Denial of
Service (DoS).
2. Contributing Factors
This issue can occur in the following releases:
SPARC Platform:
- Solaris 10 without patch 138888-08
- OpenSolaris based upon builds snv_01 through snv_107
x86 Platform:
- Solaris 10 without patch 138889-08
- OpenSolaris based upon builds snv_01 through snv_107
Notes:
1. Solaris 8 and Solaris 9 are not affected by this issue.
2. This issue only affects systems which have at least one IPv6 interface configured and "up".
The ifconfig(1M) command can be used to list all IPv6 interfaces configured and "up" on the system as follows:
$ ifconfig -au6
Solaris 10 does not have a default IPv6 interface configured since
administrators are required to enable or disable IPv6 at install time.
3. OpenSolaris distributions may include additional bug fixes above and
beyond the base build from which it was derived. The base build can be
derived as follows:
$ uname -v
snv_86
3. Symptoms
If the described issue occurs, the following panic string and stack
trace may be seen:
ipsec_needs_processing_v6
ipsec_needs_processing_v6 ()
ipsec_early_ah_v6 ()
ip_rput_data_v6 ()
ip_rput_v6 ()
putnext ()
dld_str_rx_fastpath ()
i_dls_link_rx ()
...
4. Workaround
Malformed packets can be blocked to prevent this issue from occurring
using Solaris IP Filter (ipfilter(5)) with the following rule:
block in quick all with short
Please refer to ipf(1M) and ipf(4) for enabling and configuring ipfilter.
If an IPv6 interface is configured but not being used, then disabling
the IPv6 interface will also prevent this issue from occurring on the
system.
To disable all IPv6 interfaces on a system, following command can be
run as root:
# ifconfig -a6 down
5. Resolution
This issue is addressed in the following releases:
SPARC Platform
- Solaris 10 with patch 138888-08 or later
- OpenSolaris based upon builds snv_108 or later
x86 Platform:
- Solaris 10 with patch 138889-08 or later
- OpenSolaris based upon builds snv_108 or later
For more information on
Security Sun Alerts, see 1009886.1.
This Sun Alert
notification is being provided to you on
an "AS IS"
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU
ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT
OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This
Sun Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use. This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.
Copyright 2000-2009 Sun
Microsystems,
Inc., 4150 Network Circle, Santa
Clara, CA 95054 U.S.A. All rights reserved.
Modification History
03-Apr-2009: Updated Contributing Factors and Resolution sections, issue Resolved
References
138888-08
138889-08
AttachmentsThis solution has no attachment