Vigil@nce: OpenSolaris, denial of service on UltraSPARC T2
January 2009 by Vigil@nce
A local attacker on a Sun UltraSPARC T2 or UltraSPARC T2+
processor can panic the system.
– Gravity: 1/4
– Consequences: denial of service of computer
– Provenance: user shell
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 22/01/2009
IMPACTED PRODUCTS
– OpenSolaris
DESCRIPTION OF THE VULNERABILITY
The usr/src/uts/sun4v/ml/trap_table.s file implements the trap
handling on sun4v kernels.
The build 100 of OpenSolaris changed this file and introduced an
error specific to Sun UltraSPARC T2 and UltraSPARC T2+ processors.
Indeed, the IMMU (Instruction Memory Management Units) are handled
in a different way, which panics the system.
A local attacker can therefore create this error in order to
generate a denial of service.
CHARACTERISTICS
– Identifiers: 250066, 6762012, BID-33398, VIGILANCE-VUL-8412
– Url: http://vigilance.fr/vulnerability/OpenSolaris-denial-of-service-on-UltraSPARC-T2-8412