CVE DATABASE / CVE-2009-2857
CVE-2009-2857
CVSS 5.5 · MEDIUM
Summary
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file.
CVSS 3.1 breakdown
| Base score | 5.5 (MEDIUM) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Attack vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity | NONE |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Oracle opensolarisOracle solaris
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://secunia.com/advisories/36319
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-127721-02-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-257848-1
- http://www.vupen.com/english/advisories/2009/2291
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6152
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.