The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Opensolaris | Sun | snv_88 (including) | snv_88 (including) |
| Opensolaris | Sun | snv_89 (including) | snv_89 (including) |
| Opensolaris | Sun | snv_90 (including) | snv_90 (including) |
| Opensolaris | Sun | snv_90-x86 (including) | snv_90-x86 (including) |
| Opensolaris | Sun | snv_91 (including) | snv_91 (including) |
| Opensolaris | Sun | snv_92 (including) | snv_92 (including) |
| Opensolaris | Sun | snv_93 (including) | snv_93 (including) |
| Opensolaris | Sun | snv_94 (including) | snv_94 (including) |
| Opensolaris | Sun | snv_95 (including) | snv_95 (including) |
| Opensolaris | Sun | snv_96 (including) | snv_96 (including) |
| Opensolaris | Sun | snv_97 (including) | snv_97 (including) |
| Opensolaris | Sun | snv_98 (including) | snv_98 (including) |
| Opensolaris | Sun | snv_99 (including) | snv_99 (including) |
| Opensolaris | Sun | snv_100 (including) | snv_100 (including) |
| Opensolaris | Sun | snv_101 (including) | snv_101 (including) |
| Opensolaris | Sun | snv_101b (including) | snv_101b (including) |
| Opensolaris | Sun | snv_102 (including) | snv_102 (including) |
| Sunos | Sun | 5.10 (including) | 5.10 (including) |