Description: Linux RDS Protocol Local Privilege Escalation CVE-2010-3904
Release Date : 2010-10-19
Affected : Linux Kernel 2.6.30 - 2.6.36-rc8
Vendor Status : Patch Released
Discovered by : Dan Rosenberg
CVE Candidate : CVE-2010-3904
On October 13th, VSR identified a vulnerability in the RDS protocol, as implemented in the Linux kernel. Because kernel functions responsible for copying data between kernel and user space failed to verify that a user-provided address actually resided in the user segment, a local attacker could issue specially crafted socket function calls to write abritrary values into kernel memory. By leveraging this capability, it is possible for unprivileged users to escalate privileges to root.
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.