Note: This is an archival copy of Security Sun Alert 200661 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000518.1.
Solaris 9 Operating System
Solaris 10 Operating System
Solaris 8 Operating System
Date of Resolved Release
A race condition security vulnerability in the Solaris Remote Procedure Call (RPC) Module may allow a local unprivileged user to panic the system, resulting in a Denial of Service (DoS) condition.
This issue can occur in the following releases:
Note: This issue only affects systems which have the 'rpcmod' kernel module loaded.
To determine if the the 'rpcmod' kernel module is loaded, the following command can be run:
$ modinfo -c | grep rpcmod || echo "System not impacted."
Should the described issue occur, the system may panic with a NULL pointer dereference and with a message similar to the following:
panic[cpu0]/thread=2a100717d40: 0x3000619cea0: BAD TRAP: type=31 rp=2a100716c50 addr=8 mmu_fsr=0 occurred in module "rpcmod" due to a NULL pointer dereference.
For some situations it may be possible to avoid loading rpcmod by not running RPC services on the system; however, this will remove RPC functionality. If this is not acceptable, please see the Resolution section below.
This issue is addressed in the following releases:
This solution has no attachment