mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.Referenceshttp://www.redhat.com/support/errata/RHSA-2005-808.htmlhttp://secunia.com/advisories/18056http://secunia.com/advisories/17364http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=93ef70a217637ade3f335303a112b22a134a1ec2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11322http://www.debian.org/security/2005/dsa-922http://www.securityfocus.com/bid/15049http://secunia.com/advisories/17141http://www.ubuntu.com/usn/usn-199-1
