Note: This is an archival copy of Security Sun Alert 253608 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020175.1.
Solaris 10 Operating System
Date of Resolved Release
A security vulnerability in the Solaris SCTP packet processing may lead to a system panic:
A security vulnerability in Solaris 10 SCTP packet processing (see sctp(7P)) may allow a privileged remote user to panic the system, resulting in a Denial of Service (DoS).
2. Contributing Factors
This issue can occur in the following releases:
Note 2: OpenSolaris distributions may include additional bug fixes above and beyond the build from which it was derived. To determine the base build of OpenSolaris, the following command can be used:
$ uname -v
If the described issue is exploited to cause a Denial of Service (DoS), the system may panic with a stack trace similar to the following:
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This solution has no attachment