A security vulnerability in the vuidmice(7M) STREAMS modules may allow a local unprivileged user who has access to the system console device (console(7D)) to render the console unusable, which is a type of Denial of Service (DoS).

This issue can occur in the following releases:

x86 Platform

• Solaris 8 without patch 114154-02
• Solaris 9 without patch 117419-03
• Solaris 10 without patch 127751-01

Note 1: Solaris on the SPARC platform is not impacted by this issue.

Note 2: This issue requires users to have access to the system console device in order to be exploited.

If this issue is exploited, it may render the system console device unusable and may cause garbled characters to be printed on the console. In addition, on Solaris 10 systems, this issue may cause smf(5) to print the following error message on the system console in a continuous loop:

    Requesting System Maintenance Mode
    (See /lib/svc/share/README for more information.)
    Console login service(s) cannot run

There is no workaround for this issue. Please see the "Resolution" section below.

This issue is addressed in the following releases:

x86 Platform

• Solaris 8 with patch 114154-02 or later
• Solaris 9 with patch 117419-03 or later
• Solaris 10 with patch 127751-01 or later

This solution has no attachment