A typo in IPv6 flowlabel handling code in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 could be used by a local attacker to cause the kernel free non-allocated memory and in turn corrupt kernel memory and/or crash the machine. Fixed upstream by: http://linux.bkbits.net:8080/linux-2.6/cset@435ebd2095VXAPIHGRQXkibspCvlPw This issue affects kernels 2.4 as well as 2.6 up to 2.6.14
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0101.html
All in attendance at 12-JAN-06 RHEL meeting approved for MUSTFIX list for RHEL4-U3