A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error within the handling of incoming CAPI messages in net/bluetooth/cmtp/capi.c. This can be exploited to overwrite certain Kernel data structures.
Fixed in: Linux 2.6.18.6 genpatches-2.6.18-7 gentoo-sources-2.6.18-r5
2.6.19 appears unfixed, patch is not even in 2.6.20-rc3
Contacted upstream http://marc.theaimsgroup.com/?l=linux-kernel&m=116770122513417&w=2
More fixed versions: Linux 2.6.19.2 genpatches-2.6.19-5 gentoo-sources-2.6.19-r4
proposed metadata w/ git ids: [linux < 2.6.16.38] 044a3e96c42df125bbc046495d49a6b8f380aa5a [linux > 2.6.16.38 < 2.6.18.6] 1dca7c280661c5741ac2eeb4b5386c1a566bf0b1 [linux > 2.6.18.6 < 2.6.19.2] d4ea7f9f5554d94dcb8a630f470c724d05e8f112 [gp < 2.6.18-7] [gentoo < 2.6.18-r5] [gp > 2.6.18-7 < 2.6.19-5] [gentoo > 2.6.18-r5 < 2.6.19-r4]
metadata correction: [linux > 2.6.16.38 < 2.6.18.6] should be [linux >= 2.6.17 < 2.6.18.6] [linux > 2.6.18.6 < 2.6.19.2] should be [linux >= 2.6.19 < 2.6.19.2] [gentoo < 2.6.18-r5] [gp > 2.6.18-7 < 2.6.19-5] should be [gp >= 2.6.19-1 < 2.6.19-5] [gentoo > 2.6.18-r5 < 2.6.19-r4] should be [gentoo >= 2.6.19 < 2.6.19-r4]
*** Bug 157836 has been marked as a duplicate of this bug. ***