CVE-2009-0132 — Solaris vulnerability

CWE-1893 documents3 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 73.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Solaris

Timeline

PublishedJan 15

Latest updateMay 2

Description

Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

▶NVDsun/solaris10, 8, 9+2

Patches

Patch: sunsolve.sun.com ↗Patch: www.securityfocus.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-23xv-3xmf-w354: Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a d↗2022-05-02

▶

CVEList

CVE-2009-0132: Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a d↗2009-01-15

▶