First published: Fri Nov 07 2008(Updated: )
The SPARC hypervisor in Sun System Firmware 6.6.3 through 6.6.5 and 7.1.3 through 7.1.3.e on UltraSPARC T1, T2, and T2+ processors allows logical domain users to access memory in other logical domains via unknown vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sun Blade T6300 Server | =6.6.3 | |
Sun Blade T6300 Server | =6.6.4 | |
Sun Blade T6300 Server | =6.6.5 | |
Sun Blade T6320 Server | =7.1.3d | |
Sun Blade T6320 Server | =7.1.3e | |
Sun SPARC Enterprise Server T1000 | =6.6.3 | |
Sun SPARC Enterprise Server T1000 | =6.6.4 | |
Sun SPARC Enterprise Server T1000 | =6.6.5 | |
Sun SPARC Enterprise Server T2000 | =6.6.3 | |
Sun SPARC Enterprise Server T2000 | =6.6.4 | |
Sun SPARC Enterprise Server T2000 | =6.6.5 | |
Sun Netra | =6.6.3 | |
Sun Netra | =6.6.4 | |
Sun Netra | =6.6.5 | |
Sun Netra T2000 Server | =6.6.3 | |
Sun Netra T2000 Server | =6.6.4 | |
Sun Netra T2000 Server | =6.6.5 | |
Sun Netra T5220 Server | =7.1.3 | |
Sun SPARC Enterprise Server | =6.6.3 | |
Sun SPARC Enterprise Server | =6.6.4 | |
Sun SPARC Enterprise Server | =6.6.5 | |
Sun SPARC Enterprise Server | =6.6.3 | |
Sun SPARC Enterprise Server | =6.6.4 | |
Sun SPARC Enterprise Server | =6.6.5 | |
Sun SPARC Enterprise Server | =7.1.3e | |
Sun SPARC Enterprise Server | =7.1.3d | |
Sun SPARC Enterprise Server | =7.1.3e | |
Sun Netra T5220 Server | =7.1.3d | |
Sun Netra T5220 Server | =7.1.3e | |
Sun SPARC Enterprise Server | =7.1.3d | |
Sun SPARC Enterprise Server | =7.1.3e |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-4992 has been classified with a moderate to high severity level due to potential unauthorized access to memory across logical domains.
To mitigate CVE-2008-4992, it is recommended to upgrade to Sun System Firmware versions 6.6.6 or 7.1.4 or later.
CVE-2008-4992 affects several Sun Blade and SPARC Enterprise server models running specific versions of Sun System Firmware, including versions 6.6.3 to 6.6.5 and 7.1.3 to 7.1.3.e.
CVE-2008-4992 is a privilege escalation vulnerability that enables logical domain users to access memory belonging to other logical domains.
CVE-2008-4992 was publicly disclosed in November 2008.