Gentoo Patches for Kernel vulnerability CVE-2010-3904

Attention all Media, Gentoo users and my fellow Gentoo devs:

A new  kernel vulnerability has been reported and the gentoo bug has been filed. Within 4 hours of this filing, the kernel team has released the following:

The fix for CVE-2010-3904 has been back ported to all gentoo-source versions that are currently supported. (2.6.32-rX, 2.6.34-rX and 2.6.35-rX)

This fix is now released in the following genpatches:


The following newly released gentoo-sources kernels contain the patch:


The following stable request bugs have been filed for these kernels:

bug #341833 for gentoo-sources-2.6.32-r20
bug #341831 for gentoo-sources-2.6.34-r12

Please note that no stable request has been filed for 2.6.35-r11, as we wait for the prerequisite 30 days for the new baselayout to be requested to be stabled before we can do so.   If you are running a 2.6.35 gentoo-source kernel, please upgrade to the latest version. Note that as of this post, upstream has not released new vanilla kernel versions containing the fix.


  1. Bruno Yporti

    Great work! Thanks!

  2. admin (Post author)

    Thanks, Bruno

  3. kerframil

    Thanks for this post, the rapid response and for supporting previous (still relevant) instances of genpatches. The degree of maintainership demonstrated is second to none.

  4. Rich0

    Great job – thanks!

  5. katabami

    Folks, if you don’t enable “RDS” in the kernel config (see networking -> networking options -> RDS protocol, CONFIG_RDS),
    then it’s safe without this patch.

    Thanks a lot, Mike Pagano.

Leave a Comment

Your email address will not be published. Required fields are marked *