Note: This is an archival copy of Security Sun Alert 201931 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001428.1.
Article ID : 1001428.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2003-10-12
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Security Vulnerability on Sun Systems With a PGX32 Frame Buffer



Category
Security

Release Phase
Resolved

Product
Solaris 9 Operating System
Solaris 2.5.1
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System

Bug Id
4897594, 4897600

Date of Resolved Release
19-NOV-2003

Impact

A local unprivileged user may be able to gain unauthorized root privileges due to a security vulnerability in libraries associated with the PGX32 Frame Buffer.


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Solaris 2.5.1 without patches 107714-25 and 107851-25
  • Solaris 2.6 without patches 107715-25 and 107851-25
  • Solaris 7 without patches 107716-26 and 107851-25
  • Solaris 8 without patch 109154-20
  • Solaris 9 without patch 112601-09

Note: Solaris on the x86 platform is not affected.

This issue only occurs when a PGX32 frame buffer is installed. To verify if a Sun system is equipped with a PGX32 frame buffer, use the "/usr/platform/`uname -m`/sbin/prtdiag" command. An output line containing "TSI,gfxp" in the "Name" column indicates that a PGX32 frame buffer is installed.


Symptoms

There are no predictable symptoms that would show the described issue has been exploited.


Workaround

There is no workaround. Please see the "Resolution" section below.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Solaris 2.5.1 with patches 107714-25 and 107851-25 or later
  • Solaris 2.6 with patches 107715-25 and 107851-25 or later
  • Solaris 7 with patches 107716-26 and 107851-25 or later
  • Solaris 8 with patch 109154-20 or later
  • Solaris 9 with patch 112601-09 or later


Modification History

References

107715-25
107716-26
109154-20
112601-09
107714-25
107851-25




Attachments
This solution has no attachment