Solaris ufs_getpage() and ufs_putpage() Bugs Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1021850 |
|
SecurityTracker URL: http://securitytracker.com/id/1021850
|
|
CVE Reference:
CVE-2009-0924, CVE-2009-0925, CVE-2009-0926
(Links to External Site)
|
Updated: Mar 26 2009
|
Original Entry Date: Mar 17 2009
|
Impact:
Denial of service via local system
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 10, OpenSolaris
|
Description:
A vulnerability was reported in Solaris. A local user can cause denial of service conditions.
A local user can trigger flaws in the ufs_getpage() and ufs_putpage() functions to cause the system to hang or cause a system panic.
|
Impact:
A local user can cause the target system to hang or panic.
|
Solution:
Sun has issued the following fixes.
CR 6442712
x86 Platform
* OpenSolaris based upon builds snv_45 or later
CR 6425723
SPARC Platform
* Solaris 10 with patch 139483-05 or later
* OpenSolaris based upon builds snv_86 or later
CR 6679732
x86 Platform
* OpenSolaris based upon builds snv_92 or later
The vendor's advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-254628-1
|
Vendor URL: sunsolve.sun.com/search/document.do?assetkey=1-66-254628-1 (Links to External Site)
|
Cause:
State error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 17 Mar 2009 06:34:44 -0500
Subject: http://sunsolve.sun.com/search/document.do?assetkey=1-66-254628-1
|
254628
Security Vulnerabilities in the UFS File System Relating to ufs_getpage() and ufs_putpage() Routines May Allow a Local User to Hang or Panic the System
|
|
