The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."
Exploitability
AV:LAC:LAu:NImpact
C:PI:PA:P4.6/AV:L/AC:L/Au:N/C:P/I:P/A:P