Note: This is an archival copy of Security Sun Alert 200580 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000442.1.
Article ID : 1000442.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2007-11-29
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Users in lx(5) Branded Zones May be Able to Panic Solaris 10 x86 Systems


Release Phase

Solaris 10 Operating System

Bug Id

Date of Resolved Release


An unprivileged local user within a Linux branded zone (see lx(5)) may be able to panic Solaris 10 x86 systems running in 64bit mode. Being able to panic a system is a type of Denial of Service (DoS).

Contributing Factors

The issue can occur in the following releases:

x86 Platform

  • Solaris 10 with patch 120012-01 and without patch 127112-04

Note 1: This issue only occurs on systems with Linux branded zones (see lx(5)) installed. Solaris 8 and Solaris 9 do not provide support for Linux branded zones and are not impacted by this issue.

Note 2: This issue only affects systems running in 64-bit mode.

To determine if an lx(5) branded zone is installed on a Solaris system, the following command can be run:

    $ zoneadm list -ip |cut -d: -f6 | grep lx || echo "No lx brand zones on system"

To determine if a system is running in 64-bit mode, the following command can be run:

    $ isainfo -b



There are no predictable symptoms that would indicate the described issue has been exploited, other than the system panic itself.


There is no workaround for this issue. Please see the Resolution section below.


This issue is resolved in the following release:

x86 Platform

  • Solaris 10 with patch 127112-04 or later



This solution has no attachment