Re: Solaris 2.3 ndd bug

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Casper Dik: "Re: Solaris 2.3 ndd bug"
• Previous message: Mike Shaver: "Solaris 2.3 ndd bug"
• In reply to: Mike Shaver: "Solaris 2.3 ndd bug"
• Next in thread: Casper Dik: "Re: Solaris 2.3 ndd bug"

> 
> I discovered a, er, shortcoming of /usr/sbin/ndd under Solaris 2.3 this
> evening....
> 
> I was poking around, trying to learn more about the system I live in/with,
> that sort of thing, when I tried:
> /usr/sbin/ndd /dev/udp udp_status
> 
> Boom!  Instant kernel panic.
> 
> I'm logged in from remote, so I didn't get to see all the nice messages, but
> this is the line in /var/adm/messages which seems relevant:
> 
> Feb  6 01:52:21 iron unix: panic: recursive mutex_enter. mutex fc0acb50 caller fc02dabc
> 
> I, um, reproduced it on another Solaris 2.3 system, so it seems like a real
> bug.
> 
> And as I see it, this is a reasonably large one.
> Not only does it show a less-than-complete run of testing of Sun's udp code
> (I daren't try it with other devices until I have a test machine), but it
> could theoretically present an interesting denial of service attack.
> 
> Anyone care to try it on 2.[24] or anything else w/ ndd?

ummmm, yeah, found that last year...fixed in 2.4

I had a problem with bsmconv being enabled (2.4), but I haven't tried the
latest kernel yet (101945-13).  problem = kernel panic:
Jan  9 19:38:46 solaris2 unix: panic: AUDIT_SETF: path already allocated to file audit data

• Next message: Casper Dik: "Re: Solaris 2.3 ndd bug"
• Previous message: Mike Shaver: "Solaris 2.3 ndd bug"
• In reply to: Mike Shaver: "Solaris 2.3 ndd bug"
• Next in thread: Casper Dik: "Re: Solaris 2.3 ndd bug"