Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' API Local Denial of Service Vulnerability
BID:30561
Info
Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' API Local Denial of Service Vulnerability
| Bugtraq ID: | 30561 |
| Class: | Unknown |
| CVE: |
CVE-2008-3549 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 05 2008 12:00AM |
| Updated: | Apr 16 2015 05:56PM |
| Credit: | Sun Microsystems |
| Vulnerable: |
Sun Solaris 10_x86 Sun Solaris 10_sparc Sun OpenSolaris build snv_89 Sun OpenSolaris build snv_88 Sun OpenSolaris build snv_64 Sun OpenSolaris build snv_22 Sun OpenSolaris build snv_19 Sun OpenSolaris build snv_13 Sun OpenSolaris build snv_02 Sun OpenSolaris build snv_01 |
| Not Vulnerable: |
Sun OpenSolaris build snv_90 |
Discussion
Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' API Local Denial of Service Vulnerability
The Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' (priority-inherited pthread mutex) API is prone to a local denial-of-service vulnerability.
A local unprivileged attacker can exploit this issue to trigger a system hang or panic, resulting in a denial-of-service condition.
This issue affects Solaris 10 and OpenSolaris prior to build snv_90 for SPARC and x86 platforms.
The Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' (priority-inherited pthread mutex) API is prone to a local denial-of-service vulnerability.
A local unprivileged attacker can exploit this issue to trigger a system hang or panic, resulting in a denial-of-service condition.
This issue affects Solaris 10 and OpenSolaris prior to build snv_90 for SPARC and x86 platforms.
Exploit / POC
Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' API Local Denial of Service Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' API Local Denial of Service Vulnerability
Solution:
Sun has released patches and an advisory. Please see the references for more information.
Solution:
Sun has released patches and an advisory. Please see the references for more information.
References
Sun Solaris 'pthread_mutex_reltimedlock_np(3C)' API Local Denial of Service Vulnerability
References:
References:
- 239387 - Security Vulnerabilities in the Solaris Priority Inherited pthread mute (Sun)
- Solaris Homepage (Sun Microsystems)