Description
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.
References (6)
Core 6
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35552
Exploit x_refsource_confirm
http://bugs.opensolaris.org/view_bug.do?bug_id=6731600
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262408-1
Patch x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141414-01-1
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/35474
Various Sources x_refsource_confirm
http://bugs.opensolaris.org/view_bug.do?bug_id=6709252
Scores
EPSS
0.0006
EPSS Percentile
19.1%
Details
CWE
CWE-399
Status
published
Products (27)
sun/opensolaris
snv_67 (2 CPE variants)
sun/opensolaris
snv_68 (2 CPE variants)
sun/opensolaris
snv_69 (2 CPE variants)
sun/opensolaris
snv_70 (2 CPE variants)
sun/opensolaris
snv_71 (2 CPE variants)
sun/opensolaris
snv_72 (2 CPE variants)
sun/opensolaris
snv_73 (2 CPE variants)
sun/opensolaris
snv_74 (2 CPE variants)
sun/opensolaris
snv_75 (2 CPE variants)
sun/opensolaris
snv_76 (2 CPE variants)
... and 17 more
Published
Jun 25, 2009
Tracked Since
Feb 18, 2026