Executive Summary

Summary
Title Sun Alert 257848 Security Vulnerability in the Solaris Kernel Involving the Interaction of the Filesystem and Virtual Memory Subsystems
Informations
Name SUN-257848 First vendor Publication 2009-08-17
Vendor Sun Last vendor Modification 2009-08-17
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 4.9 Attack Range Local
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris

A security vulnerability in the Solaris kernel related to the interaction of the filesystem and virtual memory subsystems may allow a local unprivileged user to cause the system to slow down and eventually cease operating, thereby resulting in a Denial of Service (DoS).

State: Resolved
First released: 17-Aug-2009

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_257848_security_vulnerability

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-667 Insufficient Locking

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6152
 
Oval ID: oval:org.mitre.oval:def:6152
Title: Security Vulnerability in the Solaris Kernel Involving the Interaction of the Filesystem and Virtual Memory Subsystems
Description: The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file.
Family: unix Class: vulnerability
Reference(s): CVE-2009-2857
Version: 1
Platform(s): Sun Solaris 8
Sun Solaris 9
Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 3
Os 3

Open Source Vulnerability Database (OSVDB)

Id Description
57151 Solaris Kernel Filesystem / Virtual Memory Subsystem Interaction Unspecified ...