Note: This is an archival copy of Security Sun Alert 200243 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000190.1.
Article ID : 1000190.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2005-09-18
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

A Security Vulnerability in the Solaris 10 "tl" Driver May Allow a Local Unprivileged User the Ability to Panic the System

Category
Security

Release Phase
Resolved

Product
Solaris 10 Operating System

Bug Id
6290652

Date of Resolved Release
19-SEP-2005

Impact

A security vulnerability in the Solaris 10 "tl" driver may allow a local unprivileged user the ability to panic the system, resulting in a Denial of Service (DoS).


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Solaris 10 without patch 120664-01

x86 Platform

  • Solaris 10 without patch 120665-01

Note: Solaris 8 and 9 are not vulnerable to this issue. Solaris 7 will not be evaluated regarding the potential impact of the issue described in this Sun Alert.


Symptoms

The system will panic in the function: serializer_enter().


Workaround

There is no workaround to this issue. Please see the Resolution section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Solaris 10 with patch 120664-01 or later

x86 Platform

  • Solaris 10 with patch 120665-01 or later


References

120664-01
120665-01




Attachments
This solution has no attachment