Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_current_clocksources functions in Linux kernel 2.6.23 and earlier might allow local users to cause a denial of service or execute arbitrary code via crafted clock source names.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5908)