Category
Security
Release Phase
Resolved
ProductSolaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Bug Id
6575427
Date of Resolved Release08-OCT-2007
Impact
A security vulnerability in the vuidmice(7M) STREAMS modules may allow a local unprivileged user who has access to the system console device (console(7D)) to render the console unusable, which is a type of Denial of Service (DoS).
Contributing Factors
This issue can occur in the following releases:
x86 Platform
- Solaris 8 without patch 114154-02
- Solaris 9 without patch 117419-03
- Solaris 10 without patch 127751-01
Note 1: Solaris on the SPARC platform is not impacted by this issue.
Note 2: This issue requires users to have access to the system console device in order to be exploited.
Symptoms
If this issue is exploited, it may render the system console device unusable and may cause garbled characters to be printed on the console. In addition, on Solaris 10 systems, this issue may cause smf(5) to print the following error message on the system console in a continuous loop:
Requesting System Maintenance Mode
(See /lib/svc/share/README for more information.)
Console login service(s) cannot run
Workaround
There is no workaround for this issue. Please see the "Resolution" section below.
Resolution
This issue is addressed in the following releases:
x86 Platform
- Solaris 8 with patch 114154-02 or later
- Solaris 9 with patch 117419-03 or later
- Solaris 10 with patch 127751-01 or later
References
114154-02
117419-03
127751-01
AttachmentsThis solution has no attachment