CVE-2005-0736 : Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.

Published 2005-03-09 05:00:00

Updated 2018-10-03 21:29:54

Source MITRE

View at NVD, CVE.org

Vulnerability category: Overflow

Threat overview for CVE-2005-0736

Top countries where our scanners detected CVE-2005-0736

Top open port discovered on systems with this issue 49153

IPs affected by CVE-2005-0736 11,250

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2005-0736!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2005-0736

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-0736

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:P/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2005-0736

http://www.redhat.com/support/errata/RHSA-2005-366.html

CVEs referencing this url
http://www.novell.com/linux/security/advisories/2005_18_kernel.html

404 Page Not Found | SUSE
Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/12763

Exploit;Patch;Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870
http://www.redhat.com/support/errata/RHSA-2005-293.html

CVEs referencing this url
https://usn.ubuntu.com/95-1/

CVEs referencing this url
http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html

Patch;Vendor Advisory

Products affected by CVE-2005-0736

Redhat » Enterprise Linux » Version: 4.0 Advanced Server Edition
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 4.0 Enterprise Server Edition
cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 4.0 Workstation Edition
cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Desktop » Version: 4.0
cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
Matching versions
Redhat » Fedora Core » Version: Core 2.0
cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
Matching versions
Redhat » Fedora Core » Version: Core 3.0
cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.2
cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.0
cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.5
cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.3
cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.4
cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.1
cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.7
cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.6
cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.8
cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.9 Update 2.6.20
cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.10
cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 2.6.11
cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*
Matching versions
Conectiva » Linux » Version: 10.0
cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2005-0736

Threat overview for CVE-2005-0736

Exploit prediction scoring system (EPSS) score for CVE-2005-0736

CVSS scores for CVE-2005-0736

References for CVE-2005-0736

Products affected by CVE-2005-0736