Solaris 9 systems with patch 118305-04 or 117470-03 installed, and Solaris 10 systems may experience one or both of the following issues:

1. A sshd(1M) daemon associated with a ssh(1) client using X11 forwarding may core dump. As a result, only ssh(1) clients not requiring X11 forwarding will be able to access the server.

2. Applications attempting to bind to a specific TPC/UDP port via an AF_INET socket may experience bind failures.

These issues can occur on the following Releases:

SPARC Platform

• Solaris 9 with patch 118305-04 and without patch 118335-04
• Solaris 10 without patch 119075-05

x86 Platform

• Solaris 9 with patch 117470-03 and without patch 120463-01
• Solaris 10 without patch 119076-04

Note: Solaris 7 and Solaris 8 are not impacted by these issues.

The sshd(1M) issue described above only occurs if X11 forwarding is enabled on the system.  To determine if X11 forwarding is enabled on a system, the following command can be used:

    $  grep X11Forwarding /etc/ssh/sshd_config
    X11Forwarding yes

Note: X11 forwarding is disabled in sshd(1M) by default.

If the sshd(1M) issue occurs, sshd(1M) will dump core when a ssh(1) client requests X11 forwarding.  This issue can be confirmed by using the "pstack" command on the resulting core file. The output will show the core to be from sshd(1M) as shown below:

    pstack /core
    core '/core' of 465:    /usr/lib/ssh/sshd
      ff1344e4 strlen   (8e49c, 0, c84c8, ff1bc000, 0, cf300) + 80
      ff188684 fprintf  (c84c8, 8e49c, 0, bf1fc, 81010100, ff00) + d8
      00031b54 ???????? (c1068, b, 40, ffbff3a8, 0, 0)
      0002e48c server_loop2 (cf880, 0, 0, 0, 0, 0) + 110
      0002ee74 do_authenticated (cf880, 0, b6c00, b6c00, cac00, 0) + 74
      00025990 main     (b6c00, c069c, b6c00, cf630, cc400, cb768) + 1290
      00023a30 _start (0, 0, 0, 0, 0, 0) + 108

If the "bind failure" issue occurs, the symptoms will be application specific depending upon how the application handles bind failures and related error reporting. 

To work around the sshd(1M) issue described above, systems not required to support X11 forwarding may disable it by editing the "/etc/ssh/sshd_config" file as follows:

From:
    X11 Forwarding yes
To:
    X11 Forwarding no

Alternatively, individual users may create their own ".ssh/config" file and turn X11 forwarding off for their ssh(1) sessions, or run ssh(1) with the "-x" option.

For Solaris 9 systems that are required to support X11 forwarding, or to work around the "bind failure" issue described above, the following workaround can be applied:

For Solaris 9

• Remove patch 118305-04 and re-install patch 118305-03

For Solaris 9 x86

• Remove patch 117470-03 and re-install patch 117470-01

These issues are addressed in the following releases:

SPARC Platform

• Solaris 9 with patch 118335-04 or later
• Solaris 10 with patch 119075-05 or later

x86 Platform

• Solaris 9 with patch 120463-01 or later
• Solaris 10 with patch 119076-04 or later

Change History

• State: Resolved
• Updated Contributing Factors and Resolution sections

This solution has no attachment