![]() | Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition | ||
|
|
![]() |
||||||||||||
Solution Type Sun Alert Sure Solution 1019731.1 : A Security Vulnerability in the Sun System Firmware on Certain SPARC Systems May Allow Unauthorized Data Access
PreviouslyPublishedAs 244826 Bug Id SUNBUG: 6721010 Product Sun SPARC Enterprise T5120 Server Sun SPARC Enterprise T5140 Server Sun SPARC Enterprise T5220 Server Sun Fire T1000 Server Sun Fire T2000 Server Sun Netra T2000 Server Sun Netra CP3060 ATCA Blade Server Sun Blade T6300 Server Module Date of Resolved Release 05-Nov-2008 ***Checked for relevance on 19-Jul-2012*** 1. Impact A security vulnerability in the firmware for certain Sun SPARC Systems using the Sun UltraSPARC T1, UltraSPARC T2, and UltraSPARC T2+ processors may allow unauthorized data access, where local privileged users in one Logical Domain (ldm(1M)) may be able to gain access to memory in another logical domain. 2. Contributing Factors This issue can occur on the following platforms (when running multiple domains):
Note 2: This issue can only occur on systems (listed above) running multiple domains. Note 3: To determine the Sun System Firmware version installed on a system, you can query from the Service Processor command line interface with the following commands: ILOM CLI: "show /HOST"
(SysFW 7.x only)
ALOM CLI: "showhost" (SysFW 7.x and 6.x) Example 1: (look for "Sun System Firmware" version information underneath the "Properties" section) -> show /HOST Example 2: sc> showhost Host flash versions: Note 4: To determine if the system is running multiple domains, and is therefore potentially vulnerable, the LDoms Manager package (SUNWldm(1M)) includes a command to list the domains: Example 1: This is a single-domained system: # /opt/SUNWldm/bin/ldm list Example 2: This is a multi-domained system with the 2nd domain active. # /opt/SUNWldm/bin/ldm list Example 3: This is a multi-domained system with the 2nd domain quiesced: # /opt/SUNWldm/bin/ldm list 3. Symptoms There are no predictable symptoms to indicate this issue has been exploited to gain unauthorized data access to the system. 4. Workaround To work around the described issue until the resolution patches can be applied, restrict privileged access only to trusted users. 5. Resolution This issue is addressed for these platforms in the following releases:
For more information on Security Sun Alerts, see <Document: 1009886.1>. Modification History 19-Jul-2012: Maintenance update, checked for relevance ReferencesSUNPATCH:13692705SUNPATCH:13692805 SUNPATCH:13692905 SUNPATCH:13693005 SUNPATCH:13693105 SUNPATCH:13693204 SUNPATCH:13693403 SUNPATCH:13693306 SUNPATCH:13693607 Attachments This solution has no attachment |
||||||||||||
|