|Title:||Users in lx(5) Branded Zones May be Able to Panic Solaris 10 x86 Systems|
|Copyright Notice:||Copyright © 2007 Sun Microsystems, Inc. All Rights Reserved|
|Update Date:||Fri Nov 30 00:00:00 MST 2007|
- Sun Alert ID: 103153
- Synopsis: Users in lx(5) Branded Zones May be Able to Panic Solaris 10 x86 Systems
- Category: Security
Product: Solaris 10 Operating System
- BugIDs: 6590340
- Avoidance: Patch
- State: Resolved
- Date Released: 30-Nov-2007
- Date Closed: 30-Nov-2007
- Date Modified:
An unprivileged local user within a Linux branded zone (see lx(5)) may be able to panic Solaris 10 x86 systems running in 64bit mode. Being able to panic a system is a type of Denial of Service (DoS).
2. Contributing Factors
The issue can occur in the following releases:
- Solaris 10 with patch 120012-01 and without patch 127112-04
Note 1: This issue only occurs on systems with Linux branded zones (see lx(5)) installed. Solaris 8 and Solaris 9 do not provide support for Linux branded zones and are not impacted by this issue.
Note 2: This issue only affects systems running in 64-bit mode.
To determine if an lx(5) branded zone is installed on a Solaris system, the following command can be run:
$ zoneadm list -ip |cut -d: -f6 | grep lx || echo "No lx brand zones on system"
To determine if a system is running in 64-bit mode, the following command can be run:
$ isainfo -b
There are no predictable symptoms that would indicate the described issue has been exploited, other than the system panic itself.
There is no workaround for this issue. Please see the Resolution section below.
This issue is resolved in the following release:
- Solaris 10 with patch 127112-04 or later
Copyright 2000-2006 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.