A remote privileged user may create a TCP (tcp(7p)) "ACK storm" or "ACK flood" which can cause a networked system to run out of resources, creating a Denial of Service (DoS) condition.
A TCP "ACK storm" can occur when a networked system sends a TCP packet which contains an incorrect sequence number to another networked system. The remote system will reply with a TCP ACK packet containing the expected sequence number and the originating system will send another packet with the incorrect sequence number. This exchange of ACK packets will continue indefinitely back and forth and thus create an "ACK storm".
This is the expected behavior of the Internet Transmission Control Protocol (TCP) protocol. The TCP protocol specification is described in RFC 793 at:
The patches listed in Section Two below limit the number of replies a Solaris system will make to a TCP packet with an incorrect sequence number and thus protect against an "ACK storm".