Description of problem:
A NULL pointer dereference exists within the "cmp_ies()" function in net/wireless/scan.c. This can be exploited to crash a vulnerable system by tricking it into scanning and processing specially crafted SSID IEs. (Quoted from Secunia)
Version-Release number of selected component (if applicable):
Please refer to the following article. This concerns issue (2):
Not vulnerable. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5 or Red Hat Enterprise MRG. Please note this issue only affected Linux kernel versions after v2.6.30-rc1 and was fixed in v2.6.31-rc6.