CVE-2010-3904

HIGH Year: 2010
CVSS v3 Score
7.8
High
CVSS v2 Score
7.2
High
Weakness Type
CWE-1284
View all →

Vulnerability Description

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Related Vulnerabilities

CVE-2021-1081

HIGH
CVSS:7.8(High)

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure...

CWE-12842021

CVE-2021-1082

HIGH
CVSS:7.8(High)

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denia...

CWE-12842021

CVE-2021-1083

HIGH
CVSS:7.8(High)

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure...

CWE-12842021

CVE-2021-30350

HIGH
CVSS:7.8(High)

Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...

CWE-12842021

CVE-2021-35132

HIGH
CVSS:7.8(High)

Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I...

CWE-12842021

CVE-2021-47251

HIGH
CVSS:7.8(High)

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix skb length check in ieee80211_scan_rx() Replace hard-coded compile-time constants for header length check with dynamic...

CWE-12842021