CVE-2008-5700 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5700): libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.