A security hole has been found that does not affect the default configuration of Red Hat Linux, but it can affect some custom configurations of Red Hat Linux 7.1. The bug is specific to the Linux 2.4 kernel series. Aside from the fix, countless bugfixes have been applied to this kernel as a result of code-audits by the MC project of the Stanford University and others.
A vulnerability in iptables "RELATED" connection tracking has been discovered. When using iptables to allow FTP "RELATED" connections through the firewall, carefully constructed PORT commands can open arbitrary holes in the firewall. Default installations of Red Hat Linux 7.1 are not vulnerable; however upgrading to this kernel is recommended regardless in order to benefit from the other bug fixes in this kernel.