Back to search
CVE-2010-3904
Published: Dec 6, 2010
Modified: Oct 22, 2025
PUBLISHED
Description
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#362983
third-party-advisory
x_refsource_CERT-VN
http://www.vsecurity.com/download/tools/linux-rds-exploit.c
x_refsource_MISC
USN-1000-1
vendor-advisory
x_refsource_UBUNTU
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
mailing-list
x_refsource_BUGTRAQ
46397
third-party-advisory
x_refsource_SECUNIA
44677
exploit
x_refsource_EXPLOIT-DB
1024613
vdb-entry
x_refsource_SECTRACK
SUSE-SA:2011:007
vendor-advisory
x_refsource_SUSE
RHSA-2010:0842
vendor-advisory
x_refsource_REDHAT
ADV-2011-0298
vdb-entry
x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=642896
x_refsource_CONFIRM
SUSE-SA:2010:057
vendor-advisory
x_refsource_SUSE
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
x_refsource_CONFIRM
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36
x_refsource_CONFIRM
http://www.vsecurity.com/resources/advisory/20101019-1/
x_refsource_MISC
RHSA-2010:0792
vendor-advisory
x_refsource_REDHAT
SUSE-SA:2010:053
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now