The sys_remap_file_pages function in mm/fremap.c in the Linux kernel before 2.6.24.1 allows local users to cause a denial of service or gain privileges via unspecified vectors, related to the vm_file structure member, and the mmap_region and do_munmap functions.
http://www.securityfocus.com/bid/33211
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.24.1