IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion Vulnerability
Red Hat has released upgraded packages and an advisory. The kernel upgrade is split into several different RPMs, all of which should be applied. Some components are optimized for different versions of the Intel architecture, ie i586, i686. Administrators are advised to install the optimized packages where appropriate.
The NetFilter core development team has released a source-code patch that addresses this issue:
Linux kernel 2.4.2
Linux kernel 2.4.3