CVE-2008-5079 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5079): net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table.
Fix is already in Linus' tree ... http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=17b24b3c97498935a2ef9777370b1151dfed3f6f
Fix made it into stable review for 2.6.27.9 --> [patch 19/83] http://lkml.org/lkml/2008/12/11/234
It's in 2.6.27.9 (kernel.org) and gentoo-sources-2.6.27-r6.