Candidate: CVE-2005-3358 References: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175683 Description: Linux kernel 2.6.x, possibly before 2.6.11, allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs. Notes: jmm> This was initially believed to be fixed as of 2.6.11, but this jmm> turned out to be wrong. Bugs: upstream: released (2.6.15) linux-2.6: released (2.6.15-1) 2.6.8-sarge-security: released (2.6.8-16sarge2) [mempolicy-undefined-nodes.dpatch] 2.4.27-sarge-security: N/A 2.4.19-woody-security: N/A 2.4.18-woody-security: N/A 2.4.17-woody-security: N/A 2.4.16-woody-security: N/A 2.4.17-woody-security-hppa: N/A 2.4.17-woody-security-ia64: N/A 2.4.18-woody-security-hppa: N/A