Paul Starzetz discovered a flaw in bounds checking in mremap() in the
Linux kernel versions 2.4.23 and previous which may allow a local
attacker to gain root privileges. No exploit is currently available;
however, it is believed that this issue is exploitable (although not
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0985 to this issue.
Affects: 3AS 3ES 3WS
Mark, this problem was fixed in kernel versions 2.4.21-4.0.2.EL
(RHSA-2003:416, E1 build #2) and 2.4.21-9.EL (RHSA-2004:017, U2).