Category
Security
Release Phase
Resolved
ProductSolaris 10 Operating System
Bug Id
6271688
Date of Resolved Release14-OCT-2005
Impact
A security vulnerability in Solaris 10 may allow a local unprivileged user the ability to cause a system panic in the "/proc" (see proc(4)) filesystem, creating a Denial of Service (DoS).
Note: This issue applies to Solaris 10 systems with and without zones. Systems with one or more zones installed may experience this issue in both the global and non-global zone(s).
Contributing Factors
This issue can occur in the following releases:
SPARC Platform
- Solaris 10 without patch 118822-19
x86 Platform
- Solaris 10 without patch 118844-19
Note: Solaris 8 and 9 are not impacted by this issue.
Symptoms
The system will panic with a message similar to the following:
BAD TRAP: type=e (#pf Page fault) rp=d48dce48 addr=24 occurred
in module "procfs" due to a NULL pointer dereference
Workaround
There is no workaround to this issue. Please see the Resolution section below.
Resolution
This issue is addressed in the following releases:
SPARC Platform
- Solaris 10 with patch 118822-19 or later
x86 Platform
- Solaris 10 with patch 118844-19 or later
References
118822-19
118844-19
AttachmentsThis solution has no attachment