Chris wright reported a problem with the topdown allocator. This issue is
believed to allow a crash, but not result in gaining privileges (most likely due
to the BUG() cases added to 2.6 after a previous exploit).
We didn't check RHEL4 specifically to determine if this issue affect our shipped
version. More details see
I just submitted a patch.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.