|The do_mremap function for the mremap system call in Linux 2.2 to
2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the
return value from the do_munmap function when the maximum number of
VMA descriptors is exceeded, which allows local users to gain root
privileges, a different vulnerability than CAN-2003-0985.