CVE-2010-3081

CVE Database · CVE-2010-3081

CVE-2010-3081

· HIGHModified

CVSS v3.1

7.8

EPSS

3.53%

Published

Sep 24, 2010

Modified

Apr 28, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBLinux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Local Privilege Escalation TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-119

Affected Products (9)

linux · linux_kernelvulnerable