Sun Solaris Volume Manager Input Validation Error Lets Local Users Panic the Kernel
|
|
SecurityTracker Alert ID: 1010736 |
|
SecurityTracker URL: http://securitytracker.com/id/1010736
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jul 19 2004
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): Solaris 9
|
Description:
A denial of service vulnerability was reported in Sun Solaris when configured with Solaris Volume Manager (SVM) devices. A local user can cause a system panic.
Sun reported that a malformed probe request can trigger a kernel panic.
The system is only vulnerable if SVM devices are configured, the report said.
|
Impact:
A local user can cause a kernel panic.
|
Solution:
Sun has issued the following fixes:
SPARC Platform
Solaris 9 with patch 113073-13 or later
x86 Platform
Solaris 9 with patch 113994-22 or later
|
Vendor URL: sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57598 (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 19 Jul 2004 11:44:45 -0400
Subject: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57598
|
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57598&zone_32=category%3Asecurity
57598 Security Vulnerability With Solaris Volume Manager (SVM) 16 Jul 2004
Sun reported that a local user may be able to cause a system panic on Solaris 9 systems
that have Solaris Volume Manager (SVM) devices configured.
The system is only vulnerable if SVM devices are configured, the report said.
Sun has issued the following fixes:
SPARC Platform
Solaris 9 with patch 113073-13 or later
x86 Platform
Solaris 9 with patch 113994-22 or later
----
Sun Alert ID: 57598
Synopsis: Security Vulnerability With Solaris Volume Manager (SVM)
Category: Security
Product: Solaris, Solaris Volume Manager (SVM)
BugIDs: 5046783
Avoidance: Patch
State: Resolved
Date Released: 16-Jul-2004
Date Closed: 16-Jul-2004
Date Modified:
|
|
