CVE-2010-3904
Linux Kernel Improper Input Validation Vulnerability
CVSS
—
No CVSS
EPSS
12.2%
p96
KEV
YES
May 12, 2023
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Linux / Kernel
Vulnerability
Linux Kernel Improper Input Validation Vulnerability
Added to KEV
May 12, 2023
Remediate by
Jun 2, 2023
Known ransomware use
No
Summary description
Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
Required action
The impacted product is end-of-life and should be disconnected if still in use.
Notes
https://lkml.iu.edu/hypermail/linux/kernel/1601.3/06474.html; https://nvd.nist.gov/vuln/detail/CVE-2010-3904