Sun Alert 254628 Security Vulnerabilities in the UFS File System Relating to ufs_getpage() and ufs_putpage() Routines May Allow a Local User to Hang or Panic the System

Product: Solaris 10 Operating System OpenSolaris
Several vulnerabilities in the UFS file system involving the ufs_getpage()
and ufs_putapage() routines may lead to a system hang or a system panic.
The specific impact for each of the issues are as follows:

CR 6442712
A local unprivileged user may be able to cause all writes to a UFS
filesystem to hang on x86 systems running OpenSolaris builds snv_39
through snv_45 in 64-bit mode. This can then prevent applications and
commands from succeeding which is a type of Denial of Service (DoS). In
addition, if the root (/) filesystem is UFS then this may lead to a system
hang which is a type of Denial of Service (DoS).

CR 6425723
A local unprivileged user may be able to cause all writes to a UFS
filesystem to hang on SPARC sun4v systems running Solaris 10 with patch
138888-01 or later and without patch 139483-05 or OpenSolaris builds
snv_47 through snv_85. This can then prevent applications and
commands from succeeding which is a type of Denial of Service (DoS). In
addition, if the root (/) filesystem is UFS then this may lead to a system
hang which is a type of Denial of Service (DoS).

CR 6679732
A local unprivileged user may be able to panic x86 systems running
OpenSolaris builds snv_86 through snv_91 in 32-bit mode with at least one
UFS filesystem present.


State: Resolved
First released: 16-Mar-2009
Comments:

Post a Comment:
Comments are closed for this entry.
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today