Candidate: CVE-2005-0750
References: 
 BUGTRAQ:20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5
 URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111204562102633&w=2
 FULLDISC:20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5
 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html
 FEDORA:FLSA:152532
 URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532
 REDHAT:RHSA-2005:283
 URL:http://www.redhat.com/support/errata/RHSA-2005-283.html
 REDHAT:RHSA-2005:284
 URL:http://www.redhat.com/support/errata/RHSA-2005-284.html
 XF:kernel-bluezsockcreate-integer-underflow(19844)
 URL:http://xforce.iss.net/xforce/xfdb/19844
Description: 
 The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6
 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain
 privileges via (1) socket or (2) socketpair call with a negative protocol
 value.
Notes: 
Bugs: 301799
upstream: released (2.6.11.5)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16) [net-bluetooth-signdness-fix.dpatch]
2.4.27-sarge-security: released (2.4.27-10) [155_net-bluetooth-signdness-fix.diff]
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: 
2.4.18-woody-security-hppa: