Candidate: CVE-2006-1524
References: 
 CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6
 BID:17587
 URL:http://www.securityfocus.com/bid/17587
 SECUNIA:19664
 URL:http://secunia.com/advisories/19664
 SECUNIA:19657
 URL:http://secunia.com/advisories/19657 
Description: 
 madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow
 file and mmap restrictions, which allows local users to bypass IPC
 permissions and replace portions of readonly tmpfs files with zeroes,
 aka the MADV_REMOVE vulnerability. NOTE: this description was
 originally written in a way that combined two separate issues. The
 mprotect issue now has a separate name, CVE-2006-2071.
Notes: 
Bugs: 
upstream: released (2.6.16.7)
linux-2.6:
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: