Note: This is an archival copy of Security Sun Alert 266228 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020861.1.
Solaris 10 Operating System
Date of Resolved Release
Security Vulnerability in lx Branded Zones May Result in Denial of Service (DoS)
A security vulnerability in lx branded zones may allow a a local unprivileged user to panic a Solaris x86 Intel-based system running in 64-bit mode, which is a type of Denial of Service (DoS).
2. Contributing Factors
This issue can occur in the following releases:
1. Solaris 8 and 9 and Solaris on the SPARC platform are not impacted by this issue
2. This issue only affects Intel-based systems running in 64 bit mode. amd64 machines are not impacted by this issue. To determine if a system is Intel-based, the following command can be run:
$ psrinfo -vpTo determine if a system is running in 64 bit mode, the following command can be run:
$ isainfo -b3. This issue only affects systems which have installed and configured an lx branded zone. To display the list of all running zones on the system the zoneadm(1M) command can be used as follows:
$ zoneadm list -v4. OpenSolaris distributions may include additional bug fixes above and beyond the build from which it was derived. The base build can be derived as follows:
$ uname -v3. Symptoms
Should the described issue occur, the system will panic with output similar to the following:
rdi: fec44480 rsi: fedb2a00 rdx: febc18f5
fffffffffbc36c90 unix:die+10f ()4. Workaround
There is no workaround for this issue. Please see the Resolution section below.
This issue is addressed in the following releases:
Copyright 2000-2009 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
This solution has no attachment