Candidate: CVE-2005-0449
References: 
 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0449
 http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1e01441051dda3bb01c455b6e20bce6d00563\d82
 http://oss.sgi.com/archives/netdev/2005-01/msg01107.html
Description: 
 The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to
 cause a denial of service (kernel crash) or bypass firewall rules via crafted
 packets, which are not properly handled by the skb_checksum_help function.
Notes: 
 ** CHANGES ABI **
 ipv4-fragment-queues-[1,2,2.1].dpatch are in sarge's 2.6.8.
 ipv4-fragment-queues-[3,4].dpatch are awaiting an ABI event
 .
 150_private_fragment_queues-[1,2].diff are awaiting a 2.4.27 ABI event
Bugs: 
upstream: released (2.6.8.1)
linux-2.6: N/A
2.6.8-sarge-security: released (2.6.8-16sarge2) [ipv4-fragment-queues-1.dpatch, ipv4-fragment-queues-2.dpatch, ipv4-fragment-queues-3.dpatch, ipv4-fragment-queues-4.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge2) [150_private_fragment_queues-1.diff, 150_private_fragment_queues-2.diff]