CVE-2005-3660

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.4 and 2.6

Description The issue allows attackers to cause a denial of service, leading to memory exhaustion and panic. This can be achieved by creating a large number of connected file descriptors or socketpairs, setting a large data transfer buffer, and then preventing the transfer from being completed. This can be done by causing the process to become a zombie or by closing the file descriptor without closing an associated reference.

Recommendations For Linux kernel version 2.4, update to a version that includes a fix for this issue. For Linux kernel version 2.6, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting the creation of connected file descriptors or socketpairs to minimize the risk of exploitation.