Candidate: CVE-2006-0038
References: 
 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186295
 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ee4bb818ae35f68d1f848eae0a7b150a38eb4168
Description: 
 Integer overflow in the do_replace function in netfilter for Linux
 before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ,
 allows local users with CAP_NET_ADMIN rights to cause a buffer overflow
 in the copy_from_user function.
Notes:
 dannf> Submitted to Marcelo for 2.4
Bugs: 
upstream: released (2.6.16-rc3)
linux-2.6: released (2.6.16-1)
2.6.8-sarge-security: released (2.6.8-16sarge3) [netfilter-do_replace-overflow.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge3) [221_netfilter-do_replace-overflow.diff]
2.4.19-woody-security: 
2.4.18-woody-security: 
2.4.17-woody-security: 
2.4.16-woody-security: 
2.4.17-woody-security-hppa: 
2.4.17-woody-security-ia64: