Hi all.
Julien Tinnes and Tavis Ormandy from the Google Security Team have recently found a Linux kernel vulnerability which affects all 2.4 and 2.6 kernels since 2001 on all architectures. Please read the announcement on LWM: http://lwn.net/Articles/347006/ for further information about the vulnerability and the exploit which has been provided by Brad Spengler (you will find updates on his twitter site).
The only workaroud that is known to me atm is to disable the affected kernel modules (which should be handled with care as some of them may provide necessary functionality in your operating environment):
echo "alias net-pf-3 off # Amateur Radio AX.25 alias net-pf-4 ipx # IPX alias net-pf-5 off # DDP / AppleTalk alias net-pf-9 off # X.25 # alias net-pf-10 off # IPv6 alias net-pf-23 off # IrDA alias net-pf-24 # PPPoE alias net-pf-31 off # Bluetooth" >> /etc/modprobe.conf
Best Regards Marcus