A security vulnerability in the process file system (proc(4)) when interacting with the contract(4) file system may allow a local unprivileged user the ability to panic the system or execute arbitrary commands with all (super-user) privileges. The ability to panic a system is a type of Denial of Service (DoS).
Sun acknowledges with thanks, Ilja van Sprundel from IOActive for bringing this issue to our attention.
This issue is also referenced in the following IOActive advisory:
First released: 05-Feb-2009