There is a security hole "splice: missing user pointer access verification (CVE-2008-0009/10)" (exploit exist as proof of concept) for all kernels between 2.6.12-2.6.24.1 (included) which allows any user get root access