The linux-2.4.21-mlock.patch included in RHEL3 has a hole. It is intended to allow normal uses to mlock within it's rlimit's however the accounting can be broken in the case of IPC: one process/user can mlock, another process can unlock. The later process gets it's pages mlocked decremented even though the former process got the increment. This could lead to unprivileged users getting rights to mlock memory. This issue was reported by Arjan around Jun07 and fixed in FC2 (1.427 on Jun11). See also: http://marc.theaimsgroup.com/?l=linux-kernel&m=108087017610947&w=2
Non-kABI-breaking patch posted for review on 27-Apr-2005, removing this bug from precluded-kABI-breakage blocker list.
A fix for this problem has just been committed to the RHEL3 U6 patch pool this evening (in kernel version 2.4.21-32.3.EL).
A fix for this problem has also been committed to the RHEL3 E6 patch pool this evening (in kernel version 2.4.21-32.0.1.EL).
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-472.html
*** Bug 139881 has been marked as a duplicate of this bug. ***