CVE-2008-2372 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2372): The Linux kernel 2.6.24 and 2.6.25 before 2.6.25.9 allows local users to cause a denial of service (memory consumption) via a large number of calls to the get_user_pages function, which lacks a ZERO_PAGE optimization and results in allocation of "useless newly zeroed pages."
See also: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2372
Note: >=genpatches-2.6.25-7 is unaffected. Removing hardened as there are no vulnerable versions of hardened-sources in portage.