An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic.