OBSOLETE Patch-ID# 117470-09


Download this patch from My Oracle Support

Your use of the firmware, software and any other materials contained in this update is subject to My Oracle Support Terms of Use, which may be viewed at My Oracle Support.
For further information on patching best practices and resources, please see the following links:
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.

Keywords: security tcp tcp.h system hang loop tcp ip packet icmp error
Synopsis: Obsoleted by: 119435-20 SunOS 5.9_x86: tcp Patch
Date: Jul/09/2007


Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.

Solaris Release: 9_x86

SunOS Release: 5.9_x86

Unbundled Product:

Unbundled Release:

Xref: This patch available for SPARC as patch 118305

Topic: SunOS 5.9_x86: tcp Patch

Relevant Architectures: i386

Bugs fixed with this patch:

Sun CR # Bug #
451168115082228
470872015113470
484618415155001
508445215222151
508915015223604
509422915225165
625938915261569
627646415268158
635477315299554
639554015317503
652111215376634


Changes incorporated in this version: 6521112

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch: 117172-17 (or greater)

Obsoleted by: 119435-20

Files included with this patch:

/kernel/drv/tcp
/kernel/strmod/tcp
/usr/include/inet/tcp.h
/usr/lib/adb/tcp

Problem Description:

6521112 data corruption may occur when packet with invalid timestamp value is sent
 
(from 117470-08)
 
6395540 system hangs when we send one urgent Byte beyond zero send window
 
(from 117470-07)
 
4708720 TCP/UDP make unwarranted ICMP M_CTL assumptions
5084452 ICMP can snipe away incipient TCP connections
6354773 some changes made by 5084452 do not work with x86
 
(from 117470-06)
 
4511681 TCP vulnerable to Denial Of Service via "ACK storm"
 
(from 117470-05)
 
6276464 reads on a tcp endpoint with synchronous streams can return extents of the input buffer unmodified
 
(from 117470-04)
 
6259389 race condition between cl_tcp_walk_list() and connection establishment
 
(from 117470-03)
 
5094229 driver hangs when accessing tt_open
 
(from 117470-02)
 
4846184 slow receiving process causes timer based ACKing
 
(from 117470-01)
 
5089150 binding to a port which has already been bound may incorrectly succeed


Patch Installation Instructions:
--------------------------------
 
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
 
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.  The following example
installs a patch to a standalone machine:
 
       example# patchadd /var/spool/patch/104945-02
 
The following example removes a patch from a standalone system:
 
       example# patchrm 104945-02
 
For additional examples please see the appropriate man pages.


Special Install Instructions:
-----------------------------
 
NOTE:   To get the complete fix for bug 4708720 (TCP/UDP make unwarranted
        ICMP M_CTL assumptions), please also install the following patch:
 
        114859-03 (or greater) udp patch


README -- Last modified date: Saturday, November 10, 2012