Sun Microsystems, Inc.  Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-77-1019470.1
Update Date:2012-07-26
Keywords:
Solution Type  Sun Alert Sure

Solution  1019470.1 :   Security Vulnerability in Firmware for T5220, T5140 and T5240 Systems May Allow a Denial of Service (DoS)  

Related Items 
    

  • Sun Netra T5220 Server
    •  
  • Sun SPARC Enterprise T5240 Server
    •  
  • Sun SPARC Enterprise T5140 Server
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>Sun_Other>Sun Collections>SN-OTH: Sun Alert
    •  
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Criteria Category>Security
    •  
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Release Phase>Resolved
    •  

PreviouslyPublishedAs
239930 


Bug Id

SUNBUG: 6710098


Product
Sun Netra T5220 Server

Sun SPARC Enterprise T5140 Server

Sun SPARC Enterprise T5240 Server

Date of Resolved Release
05-Aug-2008


***Checked for relevance on 26-Jul-2012***


Security Vulnerability in Firmware for T5220, T5140 and T5240 Systems May Allow a Denial of Service (DoS)


1. Impact


A security vulnerability in the firmware for Sun Netra T5220 systems
and SPARC Enterprise T5140 and T5240 systems may allow a local unprivileged
user to panic the system, which is a type of Denial of Service (DoS).



2. Contributing Factors



This issue can occur on the following platforms:

 SPARC Platform



  • Sun Netra T5220 Server with firmware version 7.1.3 and without patch 136934-03

  • SPARC Enterprise T5140 and T5240 Servers with firmware version 7.1.3.c and without patch 136936-06



    


Note: No other Sun systems are affected by this issue.



To determine the firmware version on the system, log in to the
service processor and run the 'showhost' command as in the
following example (from the T5220):




sc> showhost
Sun System Firmware 7.1.3 2008/05/27 09:53
Host flash versions:
Hypervisor 1.6.4 2008/05/27 08:45
OBP 4.28.6 2008/05/23 12:07
POST 4.28.6 2008/05/23 12:32



3. Symptoms



The system will panic or produce unpredictable results. The panic
string will include "BAD TRAP type=33" or  "BAD TRAP type=34". User applications may fail with a segmentation fault (SIGSEGV) and may also write a core file, depending on the user's privileges and the system-wide coreadm(1M) settings.



4. Workaround



There is no workaround for this issue. Please see the Resolution
section below.



5. Resolution



This issue is addressed on the following platforms:



SPARC Platform



  • Sun Netra T5220 Server with firmware version 7.1.4.a (as delivered in patch 136934-03 or later)

  • SPARC Enterprise T5140 and T5240 Servers with firmware version 7.1.3.d (as delivered in patch 136936-06 or later)



    





For more information
on Security Sun Alerts, see <Document: 1009886.1>.


Modification History



28-Aug-2008: Updated Products, Impact, Contributing Factors and Resoluton sections


26-Jul-2012: Maintenance check for relevance/currency, no change in content

References





Attachments

This solution has no attachment


















       

Copyright © 2012 Sun Microsystems, Inc.  All rights reserved.

 Feedback