Friend of mine pasted me this this morning:

A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload (UFO) feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-4387, Important)

Sites seem to indicate this is as old as September 2013. First two URLs indicate 2.6.x is impacted, though other CVE sites don't indicate that.

https://security-tracker.debian.org/tracker/CVE-2013-4387
http://www.redhat.com/archives/enterprise-watch-list/2013-November/msg00028.html
http://www.cvedetails.com/cve/CVE-2013-4387/
https://bugzilla.redhat.com/show_bug.cgi?id=1011927
https://access.redhat.com/security/cve/CVE-2013-4387

With all the recent focus here on IPv6, I thought I'd submit a forum RFC (request for comments).