Candidate: CVE-2006-4997
References:
 http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fe26109a9dfd9327fdbe630fc819e1b7450986b2
Description: 
 IP over ATM clip_mkip dereference freed pointer
Ubuntu-Description:
 ADLab Venustech Info Ltd discovered that the ATM network driver
 referenced an already released pointer in some circumstances. By
 sending specially crafted packets to a host over ATM, a remote
 attacker could exploit this to crash that host.
Notes: 
Bugs: 
upstream: released (2.4.34-pre4, 2.6.18)
linux-2.6: released (2.6.18-1)
2.6.8-sarge-security: released (2.6.8-16sarge6) [atm-clip-freed-skb-deref.dpatch]
2.4.27-sarge-security: released (2.4.27-10sarge5) [234_atm-clip-freed-skb-deref.diff]
2.6.12-breezy-security: released (2.6.12-10.41)
2.6.15-dapper-security: released (2.6.15-27.49)
2.6.17-edgy: released (2.6.17-10.31)