Note: This is an archival copy of Security Sun Alert 264808 as previously published on
Latest version of this security advisory is available from as Sun Alert 1020787.1.
Article ID : 1020787.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-12-05
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability in Solaris Trusted Extensions Involving the Parsing of Labeled Packets May Result in Denial of Service (DoS)



Release Phase

Bug Id

Solaris 10 Operating System

Date of Resolved Release

A remote user may be able to panic systems configured with Solaris Trusted Extensions ... (see below)

1. Impact

A security vulnerability in Solaris Trusted Extensions when parsing labeled packets may allow a
remote privileged user to be able to panic the system which is a type of Denial of Service (DoS).

2. Contributing Factors

This issue can occur on the following releases:

SPARC platform

  • Solaris 10 Update 3 (11/06) or later without patch 141414-06
  • OpenSolaris based upon builds snv_37 through snv_120

x86 Platform

  • Solaris 10 Update 3 (11/06) or later without patch 141415-06
  • OpenSolaris based upon builds snv_37 through snv_120

Notes: Solaris 8 and 9 are not impacted by this issue.

This issue only impacts systems which have Solaris Trusted Extensions installed and running.
To determine if Trusted Extensions is installed and running on a host, execute the
following command in the global zone:

         $ svcs labeld
online 16:19:20 svc:/system/labeld:default

If Trusted Extensions is configured and running, the labeld service will have an instance in the online state.

3. Symptoms

If this issue occurs, the system may panic with a stack trace similar to the following:

     unix:real_mode_end+72c1 ()
unix:trap+5e6 ()
unix:_cmntrap+140 ()
ip:tsol_get_option+20 ()
ip:ip_input+45b ()
dls:i_dls_link_rx+32e ()
mac:mac_rx+71 ()
bge:bge_receive+98 ()
bge:bge_intr+f6 ()

4. Workaround

There is no workaround to this issue. See the 'Resolution' section below.

5. Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Solaris 10 with patch 141414-06 or later
  • OpenSolaris based upon builds snv_121 or later

x86 Platform

  • Solaris 10 with patch 141415-06 or later
  • OpenSolaris based upon builds snv_121 or later

For more information on Security Sun Alerts, see





This solution has no attachment