PT-2018-1437 · Oracle · Solaris

Published: 2018-07-17 · Updated: 2019-10-03 · CVE-2018-2908

CVSS v3.1: 7.7 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Oracle Sun Systems Products Suite (subcomponent: Kernel) version 11.3

Description

The issue is related to inadequate access control in the Kernel component of the Solaris operating system. It allows a low-privileged attacker with network access via RPC to compromise Solaris, potentially causing a hang or repeatable crash (complete DoS) of the system. This could significantly impact additional products.

Recommendations

For version 11.3, consider restricting access to RPC services to minimize the risk of exploitation until a patch is available. As a temporary workaround, limiting network access to the Solaris system can also help reduce the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Weakness Enumeration

Related Identifiers

BDU:2018-00987
CVE-2018-2908

Affected Products

Solaris