From Ubuntu's latest: CAN-2005-1265: Chris Wright discovered that the mmap() function could create illegal memory maps (using the "mmap" function) with the start address pointing beyond the end address. A local user could exploit this to crash the kernel or possibly even execute arbitrary code with kernel privileges.
Patch: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=07ab67c8d0d7c1021343b7d5c045033d6bf7be69;hp=66e60f92518268f4d2a702a1c4ffbe1caacd6290
Fixed upstream in 2.6.11.11 genpatches/gentoo-sources fixed previously
All fixed, closing.