Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability

Bugtraq ID:	30810
Class:	Unknown
CVE:	CVE-2008-3839
Remote:	No
Local:	Yes
Published:	Aug 22 2008 12:00AM
Updated:	May 07 2015 05:24PM
Credit:	Sun Microsystems
Vulnerable:	Sun Solaris 10_x86 Sun Solaris 10_sparc Sun OpenSolaris build snv_87 Sun OpenSolaris build snv_85 Sun OpenSolaris build snv_68 Sun OpenSolaris build snv_67 Sun OpenSolaris build snv_64 Sun OpenSolaris build snv_59
Not Vulnerable:	Sun OpenSolaris build snv_96 Sun OpenSolaris build snv_95 Sun OpenSolaris build snv_92 Sun OpenSolaris build snv_91 Sun OpenSolaris build snv_90 Sun OpenSolaris build snv_89 Sun OpenSolaris build snv_88

Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability

Sun Solaris is prone to a local denial-of-service vulnerability.

A local unprivileged attacker can exploit this issue to cause a system panic that will result in a denial-of-service condition.

This issue affects the following on both SPARC and x86 platforms:

Solaris 10
OpenSolaris based on builds snv_59 through snv_87

Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability

Solution:
Sun has released patches and an advisory. Please see the references for more information.

Sun Solaris NFS Kernel Module Local Denial of Service Vulnerability

References:

• Sun Homepage (Sun Microsystems )
  
• #241066: A Security Vulnerability in the Solaris NFS Kernel Module (Sun)