Candidate: CVE-2006-1343
References:
 http://marc.theaimsgroup.com/?l=linux-netdev&m=114148078223594&w=2
Description:
 net/ipv4/netfilter/ip_conntrack_core.c in Linux kernel 2.4 and 2.6, and
 possibly net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c in 2.6, does not
 clear sockaddr_in.sin_zero before returning IPv4 socket names from the
 getsockopt function with SO_ORIGINAL_DST, which allows local users to
 obtain portions of potentially sensitive memory.
Notes:
 troyh> This isn't fixed upstream in 2.6 yet, at least not in the same way as 2.4
 dannf> marking ignored for sarge3/2.6 due to ^^
 jmm> It's now fixed upstream in 2.6 as well, let's include it in sarge4
Bugs:
upstream: released (2.4.33-pre3), released (2.6.16.19)
linux-2.6: released (2.6.16-15)
2.6.8-sarge-security: released (2.6.8-16sarge5) [netfilter-SO_ORIGINAL_DST-leak.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge3) [212_ipv4-sin_zero_clear.diff]