New Search

Security Vulnerability With Loading Arbitrary Kernel Modules in Solaris Kernel

oval:org.mitre.oval:def:1381

Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6 7 8 and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767 but there are insufficient details to be sure.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Sun Solaris 7
  • Sun Solaris 2.6
  • Sun Solaris 8
  • Sun Solaris 9
Class:
vulnerability
Reference(s):
  • CVE-2004-2686
Product(s):