Sun Microsystems, Inc.  Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-77-1019470.1
Update Date:2012-07-26
Keywords:

Solution Type  Sun Alert Sure

Solution  1019470.1 :   Security Vulnerability in Firmware for T5220, T5140 and T5240 Systems May Allow a Denial of Service (DoS)  


Related Items
  • Sun Netra T5220 Server
  •  
  • Sun SPARC Enterprise T5240 Server
  •  
  • Sun SPARC Enterprise T5140 Server
  •  
Related Categories
  • PLA-Support>Sun Systems>Sun_Other>Sun Collections>SN-OTH: Sun Alert
  •  
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Criteria Category>Security
  •  
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Release Phase>Resolved
  •  

PreviouslyPublishedAs
239930


Bug Id
SUNBUG: 6710098

Product
Sun Netra T5220 Server
Sun SPARC Enterprise T5140 Server
Sun SPARC Enterprise T5240 Server

Date of Resolved Release
05-Aug-2008

***Checked for relevance on 26-Jul-2012***

Security Vulnerability in Firmware for T5220, T5140 and T5240 Systems May Allow a Denial of Service (DoS)

1. Impact

A security vulnerability in the firmware for Sun Netra T5220 systems and SPARC Enterprise T5140 and T5240 systems may allow a local unprivileged user to panic the system, which is a type of Denial of Service (DoS).

2. Contributing Factors

This issue can occur on the following platforms:

SPARC Platform
  • Sun Netra T5220 Server with firmware version 7.1.3 and without patch 136934-03
  • SPARC Enterprise T5140 and T5240 Servers with firmware version 7.1.3.c and without patch 136936-06
Note: No other Sun systems are affected by this issue.

To determine the firmware version on the system, log in to the service processor and run the 'showhost' command as in the following example (from the T5220):

sc> showhost
Sun System Firmware 7.1.3 2008/05/27 09:53
Host flash versions:
Hypervisor 1.6.4 2008/05/27 08:45
OBP 4.28.6 2008/05/23 12:07
POST 4.28.6 2008/05/23 12:32

3. Symptoms

The system will panic or produce unpredictable results. The panic string will include "BAD TRAP type=33" or  "BAD TRAP type=34". User applications may fail with a segmentation fault (SIGSEGV) and may also write a core file, depending on the user's privileges and the system-wide coreadm(1M) settings.

4. Workaround

There is no workaround for this issue. Please see the Resolution section below.

5. Resolution

This issue is addressed on the following platforms:

SPARC Platform
  • Sun Netra T5220 Server with firmware version 7.1.4.a (as delivered in patch 136934-03 or later)
  • SPARC Enterprise T5140 and T5240 Servers with firmware version 7.1.3.d (as delivered in patch 136936-06 or later)


For more information on Security Sun Alerts, see <Document: 1009886.1>.


Modification History

28-Aug-2008: Updated Products, Impact, Contributing Factors and Resoluton sections

26-Jul-2012: Maintenance check for relevance/currency, no change in content

References




Attachments
This solution has no attachment
  Copyright © 2012 Sun Microsystems, Inc.  All rights reserved.
 Feedback