Several hash table implementations in the networking were
remotely exploitable.  Remote attackers could launch attacks
whereby, using carefully choosen forged source addresses, make
every routing cache entry get hashed into the same hash chain.

Netfilter's IP conntrack module and the TCP syn-queue implementation
had identical vulnerabilities and have been fixed too.

The choosen solution to the problem involved using Bob's Jenkins
hash along with a randomly choosen input.  For the ipv4 routing
cache we take things one step further and periodically choose a
new random secret.  By default this happens every 10 minutes, but
this is configurable by the user via sysctl knobs.