Candidate: CVE-2004-0181
References: 
 http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html
 http://security.gentoo.org/glsa/glsa-200407-02.xml
 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:029
 http://marc.theaimsgroup.com/?l=bugtraq&m=108213675028441&w=2
 http://www.turbolinux.com/security/2004/TLSA-2004-14.txt
 http://www.securityfocus.com/bid/10143
 http://xforce.iss.net/xforce/xfdb/15902
Description: 
 The JFS file system code in Linux 2.4.x has an information leak in which
 in-memory data is written to the device for the JFS file system, which allows
 local users to obtain sensitive information by reading the raw device.
Notes: 
 jmm> JFS was merged into the 2.4 kernel in 2.4.20-pre4 and into 2.6 at 2.6.5-rc2,
 jmm> so I'm marking all versions N/A
Bugs: 
upstream: released (2.4.26-pre5), released (2.6.5-rc2)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A