Candidate: CVE-2006-2272
References: 
 CONFIRM:http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=62b08083ec3dbfd7e533c8d230dd1d8191a6e813
 URL:http://www.securityfocus.com/bid/17910
 URL:http://xforce.iss.net/xforce/xfdb/26431 
Description: 
 Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial
 of service (kernel panic) via incoming IP fragmented (1) COOKIE_ECHO and (2)
 HEARTBEAT SCTP control chunks.
Notes: 
 dannf> Submitted to Marcelo for inclusion in 2.4
Bugs: 
upstream: released (2.6.16.15)
linux-2.6: released (2.6.16-13)
2.6.8-sarge-security: released (2.6.8-16sarge3)
2.4.27-sarge-security: released (2.4.27-10sarge3)
2.4.19-woody-security: N/A
2.4.18-woody-security: N/A
2.4.17-woody-security: N/A
2.4.16-woody-security: N/A
2.4.17-woody-security-hppa: N/A
2.4.17-woody-security-ia64: N/A