Sun Solaris重负载下内核死锁崩溃漏洞
发布日期:2003-06-26
更新日期:2003-07-02
受影响系统:Sun Solaris 8.0_x86
Sun Solaris 8.0
描述:
BUGTRAQ ID:
8054
Solaris是一款由Sun Microsystems公司开发和维护的商业性质UNIX操作系统。
Solaris 8.0在系统负载重的时候存在内核崩溃的可能,本地攻击者可以利用这个漏洞通过建立死锁条件而触发此漏洞。
当系统出现崩溃或挂起时,跟踪内核堆栈类似如下信息:
unix: swtch ()
genunix: turnstile_block+0x60c (0x300157805e0,0x0, ...
unix: mutex_vector_enter+0x374 (0x10425218,0x10419288, ...
unix: mutex_enter ()
unix: page_relocate_hash+0x5c (0x10428288,0x10425218, ...
unix: platform_page_relocate+0x194 (0x31042af91a0,...
unix: page_get_contig_pages+0x174 (0x0,0x18,0x0,0x31042af91a0,0x0,0x10b)
unix: page_get_mnode_freelist+0x328 (0x0,0x0,0x0,0x0,0x0,0x0)
unix: page_get_freelist ()
genunix: anon_map_getpages+0x1a0 (0x200,0x10059034,0x400000, ...
genunix: segspt_create+0x190 (0x5c00,0x2a1013ab818,0x300296bfe18, ...
genunix: as_map+0x160 (0x10413800,0x300296bfe18,0x30015d1ccc8, ...
genunix: sptcreate+0x80 (0x30015d1cc98,0x30028b0b1b8,0x30028b0b1b8, ...
shmsys: shmat+0x5bc (0x104ab800,0x0,0x30000c70948,0x23,0x2a1013aba38, ...
shmsys: shmsys+0x60 (0x0,0x23,0x0,0x4000,0x0,0x3aa1c)
genunix: indir+0xa4 (0x1044a240,0x0,0x23,0x0,0x4000,0x0)
unix: syscall_trap32+0xa8 (0x34,0x0,0x23,0x0,0x4000,0x0)
目前还没有漏洞的具体细节提供。
<*来源:Sun(sm) Alert Notification
链接:
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F53584
*>
建议:
厂商补丁:
Sun
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Sun Solaris 8.0 _x86:
Sun Patch 108529-21
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108529&rev=21
Sun Solaris 8.0:
Sun Patch 108528-21
http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=108528&rev=21浏览次数:2955
严重程度:0(网友投票)