{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87644?format=json","vulnerability_id":"VCID-fjh9-4gn3-6feg","summary":"kernel: sctp memory corruption in HMAC handling","aliases":[{"alias":"CVE-2010-3705"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/127594?format=json","purl":"pkg:rpm/redhat/kernel@2.6.32-71.7.1?arch=el6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-229q-sxf7-8bgu"},{"vulnerability":"VCID-3vwf-bjs1-6bg9"},{"vulnerability":"VCID-4k1s-fghb-p3bb"},{"vulnerability":"VCID-5dmd-zwje-pqek"},{"vulnerability":"VCID-8fkd-5ked-xyes"},{"vulnerability":"VCID-fjh9-4gn3-6feg"},{"vulnerability":"VCID-nftw-r2j9-y7cp"},{"vulnerability":"VCID-pmch-au5t-2fh5"},{"vulnerability":"VCID-qnqy-k1r2-ckf5"},{"vulnerability":"VCID-ux7d-jpk1-7ubt"},{"vulnerability":"VCID-vwj3-5b6z-17b1"},{"vulnerability":"VCID-xcnp-gudk-3fec"},{"vulnerability":"VCID-xps7-6pp7-a3b6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.32-71.7.1%3Farch=el6"},{"url":"http://public2.vulnerablecode.io/api/packages/127555?format=json","purl":"pkg:rpm/redhat/kernel-rt@2.6.33.7-rt29.47?arch=el5rt","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-22bx-f76m-e3c1"},{"vulnerability":"VCID-2m8w-7whg-jube"},{"vulnerability":"VCID-3egz-urd4-yfbw"},{"vulnerability":"VCID-519v-6b9u-dygr"},{"vulnerability":"VCID-5x5t-fnw6-kqea"},{"vulnerability":"VCID-643a-mvrh-bbap"},{"vulnerability":"VCID-8fkd-5ked-xyes"},{"vulnerability":"VCID-ashs-ew8u-qubr"},{"vulnerability":"VCID-f744-pabt-7ffu"},{"vulnerability":"VCID-fjh9-4gn3-6feg"},{"vulnerability":"VCID-j49x-d5sv-wkek"},{"vulnerability":"VCID-m6hm-2cau-4fdg"},{"vulnerability":"VCID-nej4-chcw-fqah"},{"vulnerability":"VCID-nq55-xn3b-8qdm"},{"vulnerability":"VCID-pmch-au5t-2fh5"},{"vulnerability":"VCID-pqms-kbb2-wua8"},{"vulnerability":"VCID-rdyv-juby-e3gq"},{"vulnerability":"VCID-t5zj-36y8-bbdt"},{"vulnerability":"VCID-v5g5-3pv6-dqa4"},{"vulnerability":"VCID-vwj3-5b6z-17b1"},{"vulnerability":"VCID-zwvt-5gfz-suda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel-rt@2.6.33.7-rt29.47%3Farch=el5rt"}],"references":[{"reference_url":"http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362","reference_id":"","reference_type":"","scores":[],"url":"http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commit%3Bh=51e97a12bef19b7e43199fc153cf9bd5f2140362"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html"},{"reference_url":"http://marc.info/?l=linux-kernel&m=128596992418814&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=linux-kernel&m=128596992418814&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3705.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3705","reference_id":"","reference_type":"","scores":[{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79102","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78979","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78985","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79011","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7902","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79027","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79051","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79035","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79025","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79053","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7905","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79048","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79082","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79088","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3705"},{"reference_url":"http://secunia.com/advisories/42745","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42745"},{"reference_url":"http://www.debian.org/security/2010/dsa-2126","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2010/dsa-2126"},{"reference_url":"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36","reference_id":"","reference_type":"","scores":[],"url":"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:029","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:029"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/10/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/10/04/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2010/10/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2010/10/04/7"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0842.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0842.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0958.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-0958.html"},{"reference_url":"http://www.ubuntu.com/usn/USN-1000-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1000-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3321","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3321"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=640036","reference_id":"640036","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=640036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3705","reference_id":"CVE-2010-3705","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0842","reference_id":"RHSA-2010:0842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0958","reference_id":"RHSA-2010:0958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0958"},{"reference_url":"https://usn.ubuntu.com/1000-1/","reference_id":"USN-1000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1000-1/"},{"reference_url":"https://usn.ubuntu.com/1074-1/","reference_id":"USN-1074-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1074-1/"},{"reference_url":"https://usn.ubuntu.com/1074-2/","reference_id":"USN-1074-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1074-2/"},{"reference_url":"https://usn.ubuntu.com/1083-1/","reference_id":"USN-1083-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1083-1/"},{"reference_url":"https://usn.ubuntu.com/1093-1/","reference_id":"USN-1093-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1093-1/"},{"reference_url":"https://usn.ubuntu.com/1119-1/","reference_id":"USN-1119-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1119-1/"}],"weaknesses":[{"cwe_id":228,"name":"Improper Handling of Syntactically Invalid Structure","description":"The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification."},{"cwe_id":119,"name":"Improper Restriction of Operations within the Bounds of a Memory Buffer","description":"The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer."},{"cwe_id":400,"name":"Uncontrolled Resource Consumption","description":"The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources."}],"exploits":[],"severity_range_score":"8.3 - 8.3","exploitability":"0.5","weighted_severity":"7.5","risk_score":3.8,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fjh9-4gn3-6feg"}