Note: This is an archival copy of Security Sun Alert 200435 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000317.1.
Article ID : 1000317.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2005-10-13
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability May Allow a Local Unprivileged User to Cause a System Panic in the "/proc" Filesystem



Category
Security

Release Phase
Resolved

Product
Solaris 10 Operating System

Bug Id
6271688

Date of Resolved Release
14-OCT-2005

Impact

A security vulnerability in Solaris 10 may allow a local unprivileged user to cause a system panic in the "/proc" filesystem (see proc(4)), resulting in a Denial of Service (DoS).

Note: This issue applies to Solaris 10 systems with and without zones. Systems with one or more zones installed may experience this issue in both the global and non-global zone(s).


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Solaris 10 without patch 118822-19

x86 Platform

  • Solaris 10 without patch 118844-19

Note: Solaris 8 and 9 are not impacted by this issue.


Symptoms

The system will panic with a message similar to the following:

    BAD TRAP: type=e (#pf Page fault) rp=d48dce48 addr=24 occurred
    in module "procfs" due to a NULL pointer dereference

Workaround

There is no workaround for this issue. Please see the Resolution section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Solaris 10 with patch 118822-19 or later

x86 Platform

  • Solaris 10 with patch 118844-19 or later
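
A host can be checked against the patch levels above by parsing the output of `showrev -p`. The script below is an added example and is not part of the Sun Alert. It assumes the usual `Patch: ... Obsoletes: ... Requires: ...` line layout and that a patch which obsoletes the listed revision carries its fix; the sample lines and the 999999/999998 patch ids are constructed.

```shell
#!/bin/sh
# Added example: is the fix named in this Sun Alert present on a host?
# Input is `showrev -p` text on stdin. On Solaris 10 set AWK=nawk, since
# the legacy /usr/bin/awk does not support -v or user-defined functions.

# required_patch PROCESSOR -> patch base id from the advisory (uname -p value)
required_patch() {
    case "$1" in
        sparc) echo 118822 ;;
        i386)  echo 118844 ;;
        *)     return 1 ;;
    esac
}

# patch_status BASE MINREV -> "resolved" if BASE is installed at revision
# >= MINREV, or an installed patch obsoletes BASE at >= MINREV; else "affected".
patch_status() {
    "${AWK:-awk}" -v base="$1" -v min="$2" '
        function check(id,   p) {
            if (split(id, p, "-") == 2 && p[1] == base && p[2] + 0 >= min + 0)
                found = 1
        }
        /^Patch:/ {
            check($2)                      # the installed patch itself
            obs = 0
            for (i = 3; i <= NF; i++) {    # ids listed after "Obsoletes:"
                if ($i == "Obsoletes:") { obs = 1; continue }
                if ($i == "Requires:") break
                if (obs) { id = $i; sub(/,$/, "", id); check(id) }
            }
        }
        END { print (found ? "resolved" : "affected") }
    '
}

# Constructed sample lines in showrev -p layout; 999999/999998 are made-up ids.
SAMPLE_OLD='Patch: 118822-18 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWcsu, SUNWckr'
SAMPLE_NEW='Patch: 118844-20 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWckr'
SAMPLE_OBS='Patch: 999999-01 Obsoletes: 118822-30, 999998-02  Requires:  Incompatibles:  Packages: SUNWckr'

printf '%s\n' "$SAMPLE_OLD" | patch_status 118822 19    # affected
# On a live host: showrev -p | patch_status "$(required_patch "$(uname -p)")" 19
```
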


References

118822-19
118844-19



