The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel prior to 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise server 11 |
||
opensuse opensuse 11.2 |
||
opensuse opensuse 11.3 |
||
suse linux enterprise real time extension 11 |
||
canonical ubuntu linux 10.10 |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 9.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 6.06 |