[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Solaris : Security vulnerability in kernel



DOCUMENT ID: 57479
SYNOPSIS: Security Vulnerability With Loading Arbitrary Kernel Modules
in Solaris Kernel
DETAIL DESCRIPTION:

Sun(sm) Alert Notification
Sun Alert ID: 57479

Synopsis: Security Vulnerability With Loading Arbitrary Kernel Modules
in Solaris Kernel

Category: Security

Product: Solaris
BugIDs: 4729683
Avoidance: Patch

State: Resolved
Date Released: 22-Jan-2004
Date Closed: 22-Jan-2004
Date Modified:

1. Impact

By loading arbitrary kernel modules, an unprivileged local user may be
able to gain root privileges.

2. Contributing Factors

This issue can occur in the following releases:

SPARC Platform
Solaris 2.6 without patch 105181-37
Solaris 7 without patch 106541-29
Solaris 8 without patch 108528-27
Solaris 9 without patch 112233-11

x86 Platform
Solaris 2.6 without patch 105182-37
Solaris 7 without patch 106542-29
Solaris 8 without patch 108529-27
Solaris 9 without patch 112234-11

3. Symptoms

There are no predictable symptoms that would indicate the described
issue has been exploited.

SOLUTION SUMMARY:

4. Relief/Workaround

There is no workaround. Please see the "Resolution" section below.

5. Resolution

This issue is addressed in the following releases:

SPARC Platform
Solaris 2.6 with patch 105181-37 or later
Solaris 7 with patch 106541-29 or later
Solaris 8 with patch 108528-27 or later
Solaris 9 with patch 112233-11 or later

x86 Platform
Solaris 2.6 with patch 105182-37 or later
Solaris 7 with patch 106542-29 or later
Solaris 8 with patch 108529-27 or later
Solaris 9 with patch 112234-11 or later

Change History

12-Mar-2004:
Add Solaris 2.6 and related patches to Contributing Factors and
Resolution sections

This Sun Alert notification is being provided to you on an "AS IS"
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU
ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT
OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This Sun
Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use.          This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.

Copyright 2000-2004 Sun Microsystems, Inc., 4150 Network Circle, Santa
Clara, CA 95054 U.S.A. All rights reserved.

APPLIES TO:
ATTACHMENTS: