Candidate: CVE-2005-0124
References: 
 MLIST:[linux-kernel] 20041216 [Coverity] Untrusted user data in kernel
 URL:http://seclists.org/lists/linux-kernel/2004/Dec/3914.html
 MLIST:[linux-kernel] 20050105 Re: [Coverity] Untrusted user data in kernel
 URL:http://seclists.org/lists/linux-kernel/2005/Jan/1089.html
 MLIST:[linux-kernel] 20050107 [PATCH 2.4.29-pre3-bk4] fs/coda Re: [Coverity] Untrusted user data in kernel
 URL:http://seclists.org/lists/linux-kernel/2005/Jan/2018.html
 MLIST:[linux-kernel] 20050107 [PATCH 2.6.10-mm2] fs/coda Re: [Coverity] Untrusted user data in kernel
 URL:http://seclists.org/lists/linux-kernel/2005/Jan/2020.html
Description: 
 The coda_pioctl function in the coda functionality (pioctl.c) for Linux
 kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial
 of service (crash) or execute arbitrary code via negative vi.in_size or
 vi.out_size values, which may trigger a buffer overflow.
Notes: 
Bugs: 
upstream: released (2.6.11)
linux-2.6.16: N/A
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [fs_coda_coverty.dpatch]
2.4.27-sarge-security: released (2.4.27-8)