Candidate: CVE-2005-0179
References: 
 http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/030660.html
 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
 http://www.redhat.com/support/errata/RHSA-2005-092.html
Description: 
 Linux kernel 2.4.x and 2.6.x allows local users to cause a denial
 of service (CPU and memory  consumption) and bypass RLIM_MEMLOCK
 limits via the mlockall call.
Notes: 
 jmm> The vulnerable code was only introduced in 2.6.9
 dannf> I believe this is fixed in:
  http://linux.bkbits.net:8080/linux-2.6/cset@41e2d63eQyYc3q3MPkKLhEktFoqfUw?nav=index.html|src/|src/mm|related/mm/mmap.c
 dannf> and since that was in 2.6.11, i'll mark upstream as such
Bugs: 
upstream: released (2.6.11)
linux-2.6.16: N/A
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A