Candidate: CVE-2003-0985
References: 
 BUGTRAQ:20040105 Linux kernel mremap vulnerability
 MISC:http://isec.pl/vulnerabilities/isec-0013-mremap.txt
 BUGTRAQ:20040105 Linux kernel do_mremap() proof-of-concept exploit code
 BUGTRAQ:20040106 Linux mremap bug correction
 DEBIAN:DSA-423
 DEBIAN:DSA-450
 SUSE:SuSE-SA:2004:001
 SUSE:SuSE-SA:2004:003
 CONECTIVA:CLA-2004:799
 ENGARDE:ESA-20040105-001
 REDHAT:RHSA-2003:416
 REDHAT:RHSA-2003:417
 REDHAT:RHSA-2003:418
 REDHAT:RHSA-2003:419
 DEBIAN:DSA-413
 DEBIAN:DSA-417
 DEBIAN:DSA-427
 DEBIAN:DSA-439
 DEBIAN:DSA-440
 DEBIAN:DSA-442
 DEBIAN:DSA-470
 DEBIAN:DSA-475
 IMMUNIX:IMNX-2004-73-001-01
 MANDRAKE:MDKSA-2004:001
 SGI:20040102-01-U
 TRUSTIX:2004-0001
 BUGTRAQ:20040107 [slackware-security] Kernel security update (SSA:2004-006-01)
 BUGTRAQ:20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01)
 BUGTRAQ:20040112 SmoothWall Project Security Advisory SWP-2004:001
 XF:linux-domremap-gain-privileges(14135)
 OSVDB:3315
 OVAL:OVAL860
 OVAL:OVAL867
Description: 
 The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21
 does not properly perform bounds checks, which allows local users to
 cause a denial of service and possibly gain privileges by causing a
 remapping of a virtual memory area (VMA) to create a zero length VMA,
 a different vulnerability than CAN-2004-0077.
Notes: 
Bugs: 
upstream: released (2.4.24-rc1), released (2.6.1)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody1)
2.4.18-woody-security: released (2.4.18-14.1)
2.4.17-woody-security: released (2.4.17-1woody2)
2.4.16-woody-security: released (2.4.16-1woody2)
2.4.17-woody-security-hppa: released (32.3, 62.3)
2.4.17-woody-security-ia64: released (011226.15)
2.4.18-woody-security-hppa: released (62.2)