Vigil@nce: Solaris: denial of service via SDP
November 2009 by Vigil@nce
A local or remote attacker can use a memory leak of SDP, in order
to progressively use all system resources.
Severity: 2/4
Consequences: denial of service of computer
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: low (1/3)
Creation date: 04/11/2009
IMPACTED PRODUCTS
– OpenSolaris
– Sun Solaris
DESCRIPTION OF THE VULNERABILITY
The SDP (Sockets Direct Protocol) protocol was defined for
InfiniBand hardware (high speed computer bus).
The /dev/sdp and /dev/sdpib devices are available when SDP is
enabled. By default, no application shipped with Solaris uses SDP.
When these devices are used, a memory area is allocated, but it is
never freed.
When SDP is enabled, a local or remote attacker can therefore
generate a memory leak, in order to progressively use all system
resources.
CHARACTERISTICS
Identifiers: 264730, 6648139, BID-36904, CVE-2009-3899,
VIGILANCE-VUL-9164
http://vigilance.fr/vulnerability/Solaris-denial-of-service-via-SDP-9164