CVE-2007-2764

The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly handle a situation in which a non-root user creates a kernel process, which allows attackers to cause a denial of service (oops and device reboot) via unspecified vectors. The vendor has addressed this issue through the release of the following product updates: Sun SG-XSWBRO200E 8P SilkWorm 200E switch 0 Sun patch 124898-03 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -124898-03-1 Sun SG-XSWBRO3900 SilkWorm 3900 switch 0 Sun patch 124898-03 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -124898-03-1 Sun SG-XSWBRO48ZP Silkworm 48000 Director 0 Sun patch 124898-03 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -124898-03-1 Sun SG-XSWBRO3250 SilkWorm 3250 switch 0 Sun patch 124898-03 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -124898-03-1 Sun SG-XSWBRO12000-32P/64P SilkWorm 12000 Director 0 Sun patch 119552-05 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -119552-05-1 Sun SG-XSWBRO4900 SilkWorm 4900 switch 0 Sun patch 124898-03 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -124898-03-1 Sun SG-XSWBRO3850 SilkWorm 3850 switch 0 Sun patch 124898-03 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -124898-03-1 Sun SG-XSWBRO24K-32P SilkWorm 24000 Director 0 Sun patch 124898-03 http://sunsolve.sun.com/search/document.do?assetkeyurn:cds:docid:1-21 -124898-03-1

Publication date: Sat, 19 May 2007 03:30:00 +0000