Back to search
CVE-2010-3859
Published: Dec 29, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
42789
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0024
vdb-entry
x_refsource_VUPEN
RHSA-2011:0004
vendor-advisory
x_refsource_REDHAT
[netdev] 20101021 TIPC security issues
mailing-list
x_refsource_MLIST
[netdev] 20101027 [PATCH 4/4] tipc: Fix bugs in sending of large amounts of byte-stream data
mailing-list
x_refsource_MLIST
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
mailing-list
x_refsource_BUGTRAQ
46397
third-party-advisory
x_refsource_SECUNIA
[netdev] 20101027 [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size()
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=645867
x_refsource_CONFIRM
[netdev] 20101027 [PATCH 0/4] RFC: tipc int vs size_t fixes
mailing-list
x_refsource_MLIST
[netdev] 20101028 Re: [PATCH 2/4] tipc: Fix bugs in tipc_msg_build()
mailing-list
x_refsource_MLIST
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2
x_refsource_CONFIRM
[oss-security] 20101022 CVE request: kernel: heap overflow in TIPC
mailing-list
x_refsource_MLIST
42963
third-party-advisory
x_refsource_SECUNIA
44354
vdb-entry
x_refsource_BID
[netdev] 20101027 [PATCH 3/4] tipc: Update arguments to use size_t for iovec array sizes
mailing-list
x_refsource_MLIST
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
x_refsource_CONFIRM
RHSA-2011:0162
vendor-advisory
x_refsource_REDHAT
[netdev] 20101027 [PATCH 2/4] tipc: Fix bugs in tipc_msg_build()
mailing-list
x_refsource_MLIST
ADV-2011-0168
vdb-entry
x_refsource_VUPEN
MDVSA-2011:029
vendor-advisory
x_refsource_MANDRIVA
[netdev] 20101027 Re: [PATCH 1/4] tipc: Fix bugs in tipc_msg_calc_data_size()
mailing-list
x_refsource_MLIST
[oss-security] 20101022 Re: CVE request: kernel: heap overflow in TIPC
mailing-list
x_refsource_MLIST
DSA-2126
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now