Use-after-free vulnerability in the fasync_helper function in
fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local
users to gain privileges via vectors that include enabling O_ASYNC
(aka FASYNC or FIOASYNC) on a locked file, and then closing this file.
*** This bug has been marked as a duplicate of bug 301006 ***