A flaw was found in the way ipv6 netfilter's connection tracking module handled packets fragmented into a single fragment. A remote attacker could use this flaw to crash the system. Upstream fix: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9e2dcf72023d1447f09c47d77c99b0c49659e5ce Acknowledgements: Red Hat would like to thank Antonios Atlasis working with Beyond Security's SecuriTeam Secure Disclosure program for reporting this issue.
Statement: This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 as they did not include support for netfilter's ipv6 connection tracking module. This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux MRG as they already contain the upstream commit that fixes this issue.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:1064 https://rhn.redhat.com/errata/RHSA-2012-1064.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6.0 EUS - Server Only Via RHSA-2012:1114 https://rhn.redhat.com/errata/RHSA-2012-1114.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6.2 EUS - Server Only Via RHSA-2012:1129 https://rhn.redhat.com/errata/RHSA-2012-1129.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6.1 EUS - Server Only Via RHSA-2012:1148 https://rhn.redhat.com/errata/RHSA-2012-1148.html