Vulnerability Note VU#362983
Linux kernel RDS protocol vulnerability
The RDS protocol implementation of Linux kernels 2.6.30 through 2.6.38-rc8 contain a local privilege escalation vulnerability.
Kernel functions fail to properly check if a user supplied address exists in the user segment of memory. By providing a kernel address to a socket call an unprivileged user can execute arbitrary code as root. Additional details can be found in the VSR Security Advisory.
An unprivileged local attacker can escalate their privileges to root.
Apply an update for the specific Linux distribution used.
If the RDS protocol is not needed, it can be disabled with the following command run as root.
echo "alias net-pf-21 off" > /etc/modprobe.d/disable-rds
Vendor Information (Learn More)
If you are a vendor and your product is affected, let
|Vendor||Status||Date Notified||Date Updated|
|Debian GNU/Linux||Affected||-||25 Oct 2010|
|Gentoo Linux||Affected||-||25 Oct 2010|
|Red Hat, Inc.||Affected||-||25 Oct 2010|
|Slackware Linux Inc.||Affected||-||25 Oct 2010|
|Ubuntu||Affected||-||25 Oct 2010|
Thanks to Dan Rosenberg of Virtual Security Research for researching and publishing the details of this vulnerability.
This document was written by Jared Allar.
19 Oct 2010
Date First Published:
25 Oct 2010
Date Last Updated:
25 Oct 2010
If you have feedback, comments, or additional information about this vulnerability, please send us email.