The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of Solaris: denial of service of Crypto Driver

Synthesis of the vulnerability

A local attacker can use an ioctl in order to stop the system via a vulnerability of Crypto Driver.
Severity of this alert: 1/4.
Creation date: 05/03/2009.
Références of this alert: 254088, 6767649, BID-34000, CVE-2009-0838, VIGILANCE-VUL-8513.

Description of the vulnerability

The uts/common/crypto/io/crypto.c file implements the cryptographic driver of Solaris.

A local user can use an ioctl to obtain information on a cryptographic session. The object_get_attribute_value() function fills in these information.

However, this function does not initialize the u_attrs pointer to NULL. If the session is not valid, an error occurs and then this pointer is freed because it is not NULL, which panics the kernel.

A local attacker can therefore use an ioctl in order to stop the system via a vulnerability of Crypto Driver.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This security weakness impacts software or systems such as OpenSolaris, Solaris.

Our Vigil@nce team determined that the severity of this threat bulletin is low.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this threat.

Solutions for this threat

Solaris: patch for Crypto Driver.
A patch is available:
SPARC Platform:
  Solaris 10 : patch 139498-04
  OpenSolaris : build snv_103
x86 Platform:
  Solaris 10 : patch 139499-04
  OpenSolaris : build snv_103
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service

Vigil@nce provides systems vulnerabilities patches. The Vigil@nce vulnerability database contains several thousand vulnerabilities.