Submitted by ep on
http://www.securityfocus.com/bid/23447/info - It appears that a bounds checking error in the IPV4 forwarding semantics stack could lead to a remote Denial of Service (DoS) or possibly malicious code execution. This has been fixed in 2.6.21-rc6. RedHat has released updates for RHEL5.