Candidate: CVE-2007-2875
References: 
 http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=85badbdf5120d246ce2bb3f1a7689a805f9c9006
 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21.4
Description: 
 Integer underflow in the cpuset_tasks_read function in the Linux kernel
 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem
 is mounted, allows local users to obtain kernel memory contents by using a
 large offset when reading the /dev/cpuset/tasks file.
Ubuntu-Description: 
 An integer underflow was discovered in the cpuset filesystem.  If mounted,
 local attackers could obtain kernel memory using large file offsets while
 reading the tasks file. This could disclose sensitive data.
Notes: 
 Use simple_read_from_buffer to avoid possible underflow in
 cpuset_tasks_read which could allow user to read kernel memory.
Bugs: 
upstream: released (2.6.21.4)
linux-2.6: released (2.6.21-5)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch2) [bugfix/cpuset_tasks-underflow.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.15-dapper-security: released (2.6.15-28.57)
2.6.17-edgy-security: released (2.6.17.1-11.39) [1448fa0c7be21a3c6c31b20d19a8ecfafdfea143]
2.6.20-feisty-security: released (2.6.20-16.31) [b07fd0532409fb2332562abc2254376222d1e913]