Sun Solaris sendfile(3EXT)和sendfilev(3EXT)扩展函数本地拒绝服务漏洞
发布日期:2009-08-18
更新日期:2009-09-15
受影响系统:Sun Solaris 9.0_x86
Sun Solaris 9.0
Sun Solaris 8.0_x86
Sun Solaris 8.0
Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun OpenSolaris snv_01 - snv_109
描述:
BUGTRAQ ID:
36083
CVE(CAN) ID:
CVE-2009-2912
Solaris是一款由Sun开发和维护的商业UNIX操作系统。
Solaris的sendfile和sendfilev扩展库函数允许本地攻击者通过vnode函数调用导致系统忙碌。如果出现了上述漏洞,系统可能出现类似于以下栈追踪的忙碌:
panic[cpu1]/thread=c8491660: Deadlock: cycle in blocking chain
c9091cf4 genunix:turnstile_block()
c9091d3c unix:rw_enter_sleep()
c9091d5c tmpfs:tmp_rwlock()
c9091d70 genunix:fop_rwlock()
c9091e18 genunix:sendvec_chunk()
c9091f7c genunix:sendfilev()
<*来源:Sun Alert Notification
链接:
http://secunia.com/advisories/36400
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-258588-1
*>
建议:
厂商补丁:
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-258588)以及相应补丁:
Sun-Alert-258588:Security Vulnerability in the Solaris sendfile(3EXT) and sendfilev(3EXT) Extended Library Functions may Result in a Denial of Service (DoS) Condition due to a System Panic
链接:
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-258588-1浏览次数:2566
严重程度:0(网友投票)
