Note: This is an archival copy of Security Sun Alert 252469 as previously published on http://sunsolve.sun.com.
The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020111.1.
Solaris 10 Operating System
Date of Resolved Release
A security vulnerability in NFSv4 Server Kernel Module:
A security vulnerability in the NFSv4 Server Kernel Module may allow a local unprivileged user to hang an NFSv4 server if that server is sharing an hsfs(7FS) file system (CD-ROM, DVD media). This is a type of Denial of Service (DoS).
2. Contributing Factors
This issue can occur in the following releases:
Note 2: OpenSolaris distributions may include additional bug fixes above and beyond the build from which they were derived. To determine the base build of OpenSolaris, the following command can be used:
$ uname -v
Note 3: This issue only occurs on systems that are configured as an NFSv4 server and share an hsfs(7FS) file system. To determine if a system is configured as an NFSv4 server, the following command can be used:
# rpcinfo -l localhost nfs 4
program vers tp_family/name/class address service
To determine if an NFSv4 server is sharing an hsfs(7FS) file system, the following command can be used:
# df -F hsfs `cut -f1 /etc/dfs/sharetab` 2>/dev/null
3. Symptoms
If the described issue is exploited, the NFSv4 server and possibly the entire system may become unresponsive. This may lead to a system hang on the NFSv4 server.
If the hsfs(7FS) file system is shared, the NFS server system can be configured not to use NFSv4 by setting "NFS_SERVER_VERSMAX=3" in "/etc/default/nfs". For additional information, please refer to the nfs(4) documentation.
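The share check and the workaround above can be combined into one script that reads the share table, the mount table and the NFS defaults file. This is an added example, not part of the original Sun Alert; the function names, the sample files and the use of /etc/mnttab in place of df -F hsfs are assumptions, and it expects a POSIX shell (ksh or bash on Solaris 10).

```shell
#!/bin/sh
# Added example: offline form of the advisory's exposure checks.
# Assumes tab-separated sharetab(4) (path, resource, fstype, options, description)
# and mnttab(4) (special, mount point, fstype, options, time).
AWK=${AWK:-awk}   # on Solaris 10 set AWK=nawk (the old /usr/bin/awk is not POSIX awk)

# Print each NFS-shared path whose longest matching mount point is hsfs.
shared_hsfs() {   # $1 = sharetab file, $2 = mnttab file
    "$AWK" -F'\t' '
        NR == FNR { fstype[$2] = $3; next }      # first file: mnttab
        $3 == "nfs" {
            best = ""
            for (m in fstype) {
                pre = (m == "/") ? "/" : m "/"
                if (index($1 "/", pre) == 1 && length(m) > length(best)) best = m
            }
            if (best != "" && fstype[best] == "hsfs") print $1
        }' "$2" "$1"
}

# Effective NFS_SERVER_VERSMAX from an /etc/default/nfs style file.
# Assumption: unset or commented out means the default of 4 (NFSv4 allowed).
server_versmax() {   # $1 = defaults file
    v=$(sed -n 's/^NFS_SERVER_VERSMAX=\([0-9][0-9]*\).*/\1/p' "$1" 2>/dev/null | sed -n '$p')
    echo "${v:-4}"
}

# Combine both checks into one verdict line.
assess() {   # $1 = sharetab, $2 = mnttab, $3 = defaults file
    paths=$(shared_hsfs "$1" "$2" | tr '\n' ' ')
    max=$(server_versmax "$3")
    if [ -z "$paths" ]; then echo "not affected: no hsfs file system is shared"
    elif [ "$max" -lt 4 ]; then echo "mitigated: NFS_SERVER_VERSMAX=$max; hsfs shares: $paths"
    else echo "exposed: NFSv4 allowed (max $max); hsfs shares: $paths"
    fi
}

# Constructed sample data (not from the advisory).
demo=$(mktemp -d)
printf '/cdrom/sol_10\t-\tnfs\tro\t\n/export/home\t-\tnfs\trw\t\n' > "$demo/sharetab"
printf '/dev/dsk/c0t0d0s0\t/\tufs\trw\t1230000000\n' > "$demo/mnttab"
printf '/dev/dsk/c0t6d0s0\t/cdrom\thsfs\tro\t1230000000\n' >> "$demo/mnttab"
printf '#NFS_SERVER_VERSMAX=4\n' > "$demo/nfs"
assess "$demo/sharetab" "$demo/mnttab" "$demo/nfs"
```

On a live host, pass /etc/dfs/sharetab, /etc/mnttab and /etc/default/nfs as the three arguments to assess; the rpcinfo command above still confirms whether the NFSv4 service is actually registered.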
This issue is addressed in the following releases:
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.