CyberSec.Space Logo
Back to CVE Browser

CVE-2010-3904

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score36.6060%
EPSS Percentile91.15th
PublishedDec 6, 2010
Last ModifiedApr 21, 2026

Vulnerability Description

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Affected Platforms (CPE)

πŸ’»
Linux

Linux Kernel

< 2.6.36
πŸ’»
Opensuse

Opensuse

= 11.2
πŸ’»
Opensuse

Opensuse

= 11.3
πŸ’»
Suse

Linux Enterprise Desktop

= 11
πŸ’»
Suse

Linux Enterprise Real Time Extension

= 11
πŸ’»
Suse

Linux Enterprise Server

= 11
πŸ’»
Canonical

Ubuntu Linux

= 6.06
πŸ’»
Canonical

Ubuntu Linux

= 8.04
πŸ’»
Canonical

Ubuntu Linux

= 9.04
πŸ’»
Canonical

Ubuntu Linux

= 9.10
πŸ’»
Canonical

Ubuntu Linux

= 10.04
πŸ’»
Canonical

Ubuntu Linux

= 10.10
πŸ’»
Redhat

Enterprise Linux

= 5.0
πŸ’»
Redhat

Enterprise Linux

= 6.0
πŸ’»
Vmware

Esxi

= 3.5
πŸ’»
Vmware

Esxi

= 4.0
πŸ’»
Vmware

Esxi

= 4.1
πŸ’»
Vmware

Esxi

= 5.0

References & Advisories

πŸ”— http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=799c10559d60f159ab2232203f222f18fa3c4a5f
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00008.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00004.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
πŸ”— http://packetstormsecurity.com/files/155751/vReliable-Datagram-Sockets-RDS-rds_page_copy_user-Privilege-Escalation.html
πŸ”— http://secunia.com/advisories/46397
πŸ”— http://securitytracker.com/id?1024613
πŸ”— http://www.kb.cert.org/vuls/id/362983

Related Vulnerabilities

CVE-2000-074710.0

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and k...

CVE-2002-157210.0

Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown imp...

CVE-2000-050610.0

The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting th...

CVE-2002-157310.0

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and...