Candidate: CVE-2005-0176
References: 
 http://marc.theaimsgroup.com/?l=full-disclosure&m=110846102231365&w=2
 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
 http://www.redhat.com/support/errata/RHSA-2005-092.html
 http://oval.mitre.org/oval/definitions/data/oval1225.html
 http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commit;h=2637792e3d9ae50079238615fd16384a0d393b30
Description: 
 The shmctl function in Linux 2.6.9 and earlier allows local users to unlock
 the memory of other processes, which could cause sensitive memory to be swapped
 to disk, which could allow it to be read by other users once it has been released.
Notes: 
 It appears that 2.6.8 and earlier are not vulnerable as prior to the
 following patch, local users could not effect lock or unlock
 http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commit;h=16698c49bbb42567c0bbc528d3820d18885e4642
 That is, only 2.6.10 is effected.
Bugs: 
upstream: 
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A