CVE-2005-3808

Linux Kernel - Denial of Service

Title source: rule

Description

Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Oleg Drokin · cdoslinux

https://www.exploit-db.com/exploits/26811

View Code ZIP pw:eip

References (11)

[Various Sources] http://lists.suse.de/archive/suse-security-announce/2006-Feb/0010.html

[Patch, Vendor Advisory] http://seclists.org/lists/linux-kernel/2005/Nov/7839.html

[Patch] http://www.kernel.org/hg/linux-2.6/?cs=6d5ffbb49406

[Vendor Advisory] https://usn.ubuntu.com/231-1/

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2006:018

[Vendor Advisory] http://www.novell.com/linux/security/advisories/2006_06_kernel.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/advisories/9852

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15846

[Third Party Advisory] http://secunia.com/advisories/18203

[Third Party Advisory] http://secunia.com/advisories/18788

[Third Party Advisory] http://secunia.com/advisories/19038

Scores

EPSS 0.0020

EPSS Percentile 42.0%

Classification

Status draft

Affected Products (30)

linux/linux_kernel

... and 15 more

Timeline

Published Nov 25, 2005

Tracked Since Feb 18, 2026