Vulnerabilities > CVE-2009-0924 - Resource Management Errors vulnerability in SUN Opensolaris and Solaris

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712.

Common Weakness Enumeration (CWE)

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 34137 CVE(CAN) ID: CVE-2009-0924,CVE-2009-0925,CVE-2009-0926 Solaris是一款由Sun开发和维护的商业UNIX操作系统。 Solaris系统UFS文件系统中有关ufs_getpage()和ufs_putpage()例程的安全漏洞可能导致系统挂起或忙碌,每个漏洞的具体影响如下: CR 6442712 在以64位模式运行OpenSolaris snv_39到snv_45的x86系统上,本地非特权用户可以导致所有对UFS文件系统的写入挂起,之后无法继续运行应用程序和命令;此外,如果root(/)文件系统为UFS,还可以导致系统挂起。 CR 6425723 在SPARC sun4v系统上,如果所运行的Solaris 10安装了138888-01补丁或之后版本且没有安装139483-05补丁,或在运行OpenSolaris snv_47到snv_85,则本地非特权用户可以导致所有对UFS文件系统的写入挂起,之后无法继续运行应用程序和命令,这是一种拒绝服务;此外,如果root(/)文件系统为UFS,还可以导致系统挂起。 CR 6679732 如果x86系统在以32位模式运行OpenSolaris snv_86到snv_91且至少存在一个UFS文件系统,则本地非特权用户可以导致忙碌。 当出现6442712和6425723漏洞时,挂起的内核线程栈类似于: bmap_write+0x50() ufs_getpage+0x438() fop_getpage+0x44() segmap_getmapflt+0x588() wrip+0x63c() ufs_write+0x580() fop_write+0x20() write+0x268() syscall_trap32+0xcc() 6679732忙碌漏洞栈类似于: vcmn_err+16() real_panic_v+10c() ufs_fault_v+104() ufs_fault+3a() ufs_putapage+596() ufs_putpages+2a9() ufs_putpage+16c() fop_putpage+49() segmap_release+2da() wrip+8d4() ufs_write+4d2() fop_write+4a() 并生成以下形式的忙碌消息: ufs_putapage: bn == UFS_HOLE Sun Solaris 10.0 Sun OpenSolaris 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: * 向/etc/system文件添加以下项并重启系统: set segmap_kpm = 0x0 厂商补丁: Sun --- Sun已经为此发布了一个安全公告(Sun-Alert-254628)以及相应补丁: Sun-Alert-254628:Security Vulnerabilities in the UFS File System Relating to ufs_getpage() and ufs_putpage() Routines May Allow a Local User to Hang or Panic the System 链接:<a href=http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-254628-1 target=_blank rel=external nofollow>http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-254628-1</a>
idSSV:4939
last seen2017-11-19
modified2009-03-23
published2009-03-23
reporterRoot
titleSun Solaris UFS文件系统多个本地拒绝服务漏洞