Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges.
[linux < 2.6.16.44] dfe67217aea3eb4ecbab736903f6ecee3458b8a8 [linux => 2.6.17 < 2.6.20.2] 7670279989a552a7a8afd275368d55a4f3b5054b this patch also made it into 2.6.21 059819a41d4331316dd8ddcf977a24ab338f4300 [gp <2.6.20-3]