Description
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
Product(s):
- Conectiva Linux 10.0
- Linux Kernel 2.6.0
- Linux Kernel 2.6 test10
- Linux Kernel 2.6 test11
- Linux Kernel 2.6 test1
- Linux Kernel 2.6 test2
- Linux Kernel 2.6 test3
- Linux Kernel 2.6 test4
- Linux Kernel 2.6 test5
- Linux Kernel 2.6 test6
- Linux Kernel 2.6 test7
- Linux Kernel 2.6 test8
- Linux Kernel 2.6 test9
- Linux Kernel 2.6.10
- Linux Kernel 2.6.10 Release Candidate 1
- Linux Kernel 2.6.10 Release Candidate 2
- Linux Kernel 2.6.10 Release Candidate 3
- Linux Kernel 2.6.11
- Linux Kernel 2.6.11 Release Candidate 1
- Linux Kernel 2.6.11 Release Candidate 2
- Linux Kernel 2.6.11 Release Candidate 3
- Linux Kernel 2.6.11 Release Candidate 4
- Linux Kernel 2.6.11 Release Candidate 5
- Linux Kernel 2.6.1
- Linux Kernel 2.6.1 Release Candidate 1
- Linux Kernel 2.6.1 Release Candidate 2
- Linux Kernel 2.6.1 Release Candidate 3
- Linux Kernel 2.6.2
- Linux Kernel 2.6.2 Release Candidate 1
- Linux Kernel 2.6.2 Release Candidate 2
- Linux Kernel 2.6.2 Release Candidate 3
- Linux Kernel 2.6.3
- Linux Kernel 2.6.3 Release Candidate 1
- Linux Kernel 2.6.3 Release Candidate 2
- Linux Kernel 2.6.3 Release Candidate 3
- Linux Kernel 2.6.3 Release Candidate 4
- Linux Kernel 2.6.4
- Linux Kernel 2.6.4 Release Candidate 1
- Linux Kernel 2.6.4 Release Candidate 2
- Linux Kernel 2.6.4 Release Candidate 3
- Linux Kernel 2.6.5
- Linux Kernel 2.6.5 Release Candidate 1
- Linux Kernel 2.6.5 Release Candidate 2
- Linux Kernel 2.6.5 Release Candidate 3
- Linux Kernel 2.6.6
- Linux Kernel 2.6.6 Release Candidate 1
- Linux Kernel 2.6.6 Release Candidate 2
- Linux Kernel 2.6.6 Release Candidate 3
- Linux Kernel 2.6.7
- Linux Kernel 2.6.7 Release Candidate 1
- Linux Kernel 2.6.7 Release Candidate 2
- Linux Kernel 2.6.7 Release Candidate 3
- Linux Kernel 2.6.8
- Linux Kernel 2.6.8 Release Candidate 1
- Linux Kernel 2.6.8 Release Candidate 2
- Linux Kernel 2.6.8 Release Candidate 3
- Linux Kernel 2.6.8 Release Candidate 4
- Linux Kernel 2.6.9 2.6.20
- Red Hat Enterprise Linux 4.0 Advanced Server
- Red Hat Enterprise Linux 4.0 Enterprise Server
- Red Hat Enterprise Linux 4.0 Workstation
- Red Hat Desktop 4.0
- Red Hat Fedora Core Core 2.0
- Red Hat Fedora Core Core 3.0
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-0736, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-0736 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.