CVE-2009-0131

Name of the Vulnerable Software and Affected Versions Sun OpenSolaris versions snv 29 through snv 90

Description The issue is related to the UFS implementation in the kernel, allowing local users to cause a denial of service (panic) via the single posix fallocate test in the SUSv3 POSIX test suite. This is related to an F ALLOCSP fcntl call.

Recommendations For Sun OpenSolaris versions snv 29 through snv 90, consider restricting access to the posix fallocate test in the SUSv3 POSIX test suite to minimize the risk of exploitation. As a temporary workaround, avoid using the F ALLOCSP fcntl call until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.