Candidate: CVE-2005-4605
References:
 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8b90db0df7187a01fb7177f1f812123138f562cf
 http://marc.theaimsgroup.com/?l=full-disclosure&m=113535380422339&w=2
 http://linux.bkbits.net:8080/linux-2.6/gnupatch@43b562ae6hJGLWZA4TNf2k-RzXnVlQ
Description:
 The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before
 2.6.15 allows attackers to read sensitive kernel memory via unspecified
 vectors in which a signed value is added to an unsigned value.
Notes:
 jmm> 2.4 not affected as proc_file_lseek() contains a check for this
 jmm> if (offset>=0 && (unsigned long long)offset<=file->f_dentry->d_inode->i_sb->s_maxbytes) {
 jmm> Discovered by Karl Janmar
Bugs:
upstream: released (2.6.15), released (2.6.14.6)
linux-2.6: released (2.6.15-1)
2.6.8-sarge-security: released (2.6.8-16sarge2) [proc-legacy-loff-underflow.dpatch]
2.4.27-sarge-security: N/A
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A