CVE-2018-3274

Name of the Vulnerable Software and Affected Versions Oracle Sun Systems Products Suite (subcomponent: Kernel) version 11.3

Description The issue is related to inadequate access control in the Solaris kernel, allowing a low-privileged attacker with network access via the SMB protocol to compromise Solaris. Successful attacks require human interaction from a person other than the attacker and can result in the ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris.

Recommendations For version 11.3, consider restricting access to the SMB protocol to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling the SMB service until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.