Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCanonicalCVE-2010-3904
HistoryDec 06, 2010 - 8:13 p.m.

CVE-2010-3904

2010-12-0620:13:00
CWE-1284
canonical
web.nvd.nist.gov
429
In Wild
14
cve-2010-3904
rds_page_copy_user
linux kernel
rds protocol
privilege escalation
sendmsg
recvmsg
nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

48.7%

JSON

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<2.6.36
Node
opensuseopensuseMatch11.2
OR
opensuseopensuseMatch11.3
OR
suselinux_enterprise_desktopMatch11sp1
OR
suselinux_enterprise_real_time_extensionMatch11sp1
OR
suselinux_enterprise_serverMatch11sp1
Node
canonicalubuntu_linuxMatch6.06
OR
canonicalubuntu_linuxMatch8.04-
OR
canonicalubuntu_linuxMatch9.04
OR
canonicalubuntu_linuxMatch9.10
OR
canonicalubuntu_linuxMatch10.04-
OR
canonicalubuntu_linuxMatch10.10
Node
redhatenterprise_linuxMatch5.0
OR
redhatenterprise_linuxMatch6.0
Node
vmwareesxiMatch3.5
OR
vmwareesxiMatch4.0
OR
vmwareesxiMatch4.1
OR
vmwareesxiMatch5.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
opensuseopensuse11.2cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
opensuseopensuse11.3cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
suselinux_enterprise_desktop11cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
suselinux_enterprise_real_time_extension11cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp1:*:*:*:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
canonicalubuntu_linux6.06cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
canonicalubuntu_linux8.04cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
canonicalubuntu_linux9.04cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
canonicalubuntu_linux9.10cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

References

Social References

More

Related

prion 1
exploitdb 2
altlinux 1
packetstorm 2
ubuntucve 1
seebug 3
cvelist 1
zdt 4
exploitpack 1
veracode 1
openvas 50
attackerkb 1
oraclelinux 6
nessus 19
cisa_kev 1
metasploit 2
nvd 1
centos 1
securityvulns 3
redhat 2
canvas 1
cert 1
suse 3
thn 1
fedora 14
ubuntu 6
vmware 2
prion
prion
Design/Logic Flaw
2010-12-06 20:13:00
exploitdb
exploitdb
Linux Kernel 2.6.36-rc8 - &#039;RDS Protocol&#039; Local Privilege Escalation
2010-10-19 00:00:00
Linux 2.6.30 &lt; 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation (Metasploit)
2018-05-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package kernel-image-hpc-skif version 2.6.32-alt24
2010-10-20 00:00:00
packetstorm
packetstorm
vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
2019-12-23 00:00:00
Reliable Datagram Sockets (RDS) Privilege Escalation
2018-05-19 00:00:00
ubuntucve
ubuntucve
CVE-2010-3904
2010-10-19 00:00:00
seebug
seebug
Linux RDS Protocol Local Privilege Escalation
2010-10-26 00:00:00
Linux Kernel RDS协议本地权限提升漏洞
2010-10-26 00:00:00
Linux Kernel <= 2.6.36-rc8 - RDS Protocol Local Privilege Escalation
2014-07-01 00:00:00
cvelist
cvelist
CVE-2010-3904
2010-12-06 20:00:00
zdt
zdt
Reliable Datagram Sockets (RDS) Privilege Escalation Exploit
2018-05-19 00:00:00
Linux RDS Protocol Local Privilege Escalation
2010-10-20 00:00:00
vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation Exploit
2019-12-24 00:00:00
exploitpack
exploitpack
Linux Kernel 2.6.36-rc8 - RDS Protocol Local Privilege Escalation
2010-10-19 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:50:15
openvas
openvas
CentOS Update for kernel CESA-2010:0792 centos5 i386
2011-08-09 00:00:00
RedHat Update for kernel RHSA-2010:0792-01
2010-11-04 00:00:00
Oracle: Security Advisory (ELSA-2010-2010)
2015-10-06 00:00:00
attackerkb
attackerkb
CVE-2010-3904
2010-12-06 00:00:00
oraclelinux
oraclelinux
kernel security update
2010-10-27 00:00:00
kernel security update
2010-10-22 00:00:00
Oracle Linux 5 Unbreakable Enterprise kernel security fix update
2010-10-22 00:00:00
nessus
nessus
Oracle Linux 5 : kernel (ELSA-2010-0792)
2013-07-12 00:00:00
CentOS 5 : kernel (CESA-2010:0792)
2010-11-24 00:00:00
Scientific Linux Security Update : kernel on SL5.x i386/x86_64
2012-08-01 00:00:00
cisa_kev
cisa_kev
Linux Kernel Improper Input Validation Vulnerability
2023-05-12 00:00:00
metasploit
metasploit
Reliable Datagram Sockets (RDS) Privilege Escalation
2018-05-03 12:51:21
Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
2019-12-18 20:05:19
nvd
nvd
CVE-2010-3904
2010-12-06 20:13:00
centos
centos
kernel security update
2010-10-26 06:38:54
securityvulns
securityvulns
Linux kernel RDS protocol privilege escalation
2010-10-24 00:00:00
VSR Advisories: Linux RDS Protocol Local Privilege Escalation
2010-10-24 00:00:00
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel
2012-12-02 00:00:00
redhat
redhat
(RHSA-2010:0792) Important: kernel security update
2010-10-25 00:00:00
(RHSA-2010:0842) Important: kernel security and bug fix update
2010-11-10 00:00:00
canvas
canvas
Immunity Canvas: LINUX_RDS
2010-12-06 20:13:00
cert
cert
Linux kernel RDS protocol vulnerability
2010-10-25 00:00:00
suse
suse
local privilege escalation in kernel
2010-10-28 16:14:32
local privilege escalation in kernel
2010-11-11 15:47:32
remote denial of service, local privilege in kernel-rt
2011-02-07 11:58:56
thn
thn
Warning: Samsung Devices Under Attack! New Security Flaw Exposed
2023-05-20 04:15:00
fedora
fedora
[SECURITY] Fedora 14 Update: kernel-2.6.35.6-48.fc14
2010-10-28 06:10:03
[SECURITY] Fedora 14 Update: kernel-2.6.35.9-64.fc14
2010-12-05 00:42:46
[SECURITY] Fedora 14 Update: kernel-2.6.35.13-92.fc14
2011-06-11 04:22:38
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-10-19 00:00:00
Linux kernel (OMAP4) vulnerabilities
2011-04-20 00:00:00
Linux kernel vulnerabilities
2011-02-28 00:00:00
vmware
vmware
VMware ESXi and ESX updates to third party libraries and ESX Service Console
2011-10-12 00:00:00
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-10-12 00:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

48.7%

JSON
Related for CVE-2010-3904
prion1exploitdb2altlinux1packetstorm2ubuntucve1seebug3cvelist1zdt4exploitpack1veracode1openvas50attackerkb1oraclelinux6nessus19cisa_kev1metasploit2nvd1centos1securityvulns3redhat2canvas1cert1suse3thn1fedora14ubuntu6vmware2