Linux SCTP before 2.6.17 allows remote attackers to cause a denial of service via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer."

This issue hasn't been reproduced with RHEL4, but the vulnerable code is the same as upstream.

The upstream fix can be found here:
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7c3ceb4fb9667f34f1599a062efecf4cdc4a4ce5
*** This bug has been marked as a duplicate of 187494 ***