Candidate: CVE-2008-6107
Description:
 The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the
 (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the
 (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in
 the Linux kernel before 2.6.25.4, omit some virtual-address range (aka
 span) checks when the mremap MREMAP_FIXED bit is not set, which allows
 local users to cause a denial of service (panic) via unspecified mremap
 calls, a related issue to CVE-2008-2137. 
References:
 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.4 
 http://marc.info/?l=linux-kernel&m=121071103304610&w=2
 94d149c34cda933ff5096aca94bb23bf68602f4e
Ubuntu-Description:
Notes:
Bugs:
upstream: released (2.6.25.4, 2.6.26)
linux-2.6: released (2.6.25-4)
2.6.18-etch-security: released (2.6.18.dfsg.1-18etch5) [bugfix/sparc-fix-mremap-addr-range-validation.patch]
2.6.24-etch-security: released (2.6.24-6~etchnhalf.3) [bugfix/sparc-fix-mremap-addr-range-validation.patch]
2.6.26-lenny-security: N/A
2.6.15-dapper-security:
2.6.22-gutsy-security:
2.6.24-hardy-security:
2.6.27-intrepid-security: