Candidate: CVE-2005-1265 References: http://www.ubuntulinux.org/support/documentation/usn/usn-137-1 Description: The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash) Notes: jmm> I've pulled the patch by Linus from the above-mentioned Ubuntu advisory Bugs: upstream: released (2.6.12) linux-2.6: N/A 2.6.8-sarge-security: released (2.6.8-16sarge1) [mm-mmap-range-test.dpatch] 2.4.27-sarge-security: ignored (2.4.27-10sarge6) "not sure if it affects 2.4 - code is very different; need porting help" 2.6.18-etch-security: N/A