Published: 03 January 2011
drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restrict access to the video output control state, which allows local users to cause a denial of service (system hang) via a (1) read or (2) write operation.
From the Ubuntu security team
Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service.
Upstream b525c06cdbd8a3963f0173ccd23f9147d4c384b5 fixes this issue. It has propagated to stable kernels down to 2.6.32.y