Published: 29/12/2010 Updated: 13/02/2023

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 615

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Multiple integer signedness errors in the TIPC implementation in the Linux kernel prior to 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 5.0

Multiple kernel flaws have been fixed ...

Multiple kernel flaws ...

Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup A local attacker could exploit this to crash the kernel, leading to a denial of service (CVE-2010-3086) ...

Multiple kernel flaws ...

An attacker could send crafted input to the kernel and cause it to crash ...

Multiple kernel vulnerablilities ...

Multiple kernel flaws have been fixed ...

Multiple kernel flaws ...

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly A local user could exploit this to read kernel stack memory, leading to a loss of privacy Brad Spengler discovered that stack memory for new a process was not correctly calculated A local attacker could exploit this to crash ...

CWE-787 http://www.spinics.net/lists/netdev/msg145248.html http://www.spinics.net/lists/netdev/msg145262.html http://www.spinics.net/lists/netdev/msg145263.html http://www.spinics.net/lists/netdev/msg145265.html http://www.spinics.net/lists/netdev/msg145264.html http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2 https://bugzilla.redhat.com/show_bug.cgi?id=645867 http://www.openwall.com/lists/oss-security/2010/10/22/2 http://www.spinics.net/lists/netdev/msg145352.html http://www.spinics.net/lists/netdev/msg145247.html http://www.openwall.com/lists/oss-security/2010/10/22/5 http://www.redhat.com/support/errata/RHSA-2011-0004.html http://www.debian.org/security/2010/dsa-2126 http://www.vupen.com/english/advisories/2011/0024 http://secunia.com/advisories/42789 http://www.securityfocus.com/bid/44354 http://secunia.com/advisories/42963 http://www.redhat.com/support/errata/RHSA-2011-0162.html http://www.vupen.com/english/advisories/2011/0168 http://www.mandriva.com/security/advisories?name=MDVSA-2011:029 http://secunia.com/advisories/46397 http://www.vmware.com/security/advisories/VMSA-2011-0012.html http://marc.info/?l=linux-netdev&m=128770476511716&w=2 http://www.securityfocus.com/archive/1/520102/100/0/threaded http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=253eacc070b114c2ec1f81b067d2fed7305467b0 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8acfe468b0384e834a303f08ebc4953d72fb690a https://nvd.nist.gov https://packetstormsecurity.com/files/105078/Ubuntu-Security-Notice-USN-1202-1.html https://usn.ubuntu.com/1204-1/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3859

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect