Tavis Ormandy and Julien Tinnes, Google Security Team reported that Kernels <= 2.6.18.8 are vulnerable to a NULL pointer dereference issue when using MSG_MORE on udp sockets. Fixed upstream already by: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=1e0c14f49d6b393179f423abbac47f85618d3d46 Acknowledgements: Red Hat would like to thank Tavis Ormandy and Julien Tinnes of the Google Security Team for responsibly reporting this flaw.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:1222 https://rhn.redhat.com/errata/RHSA-2009-1222.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2009:1223 https://rhn.redhat.com/errata/RHSA-2009-1223.html
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2009:1233 https://rhn.redhat.com/errata/RHSA-2009-1233.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5.2 Z Stream Via RHSA-2009:1457 https://rhn.redhat.com/errata/RHSA-2009-1457.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4.7 Z Stream Via RHSA-2009:1469 https://rhn.redhat.com/errata/RHSA-2009-1469.html