RedHat Package Manager (RPM) files are compiled and prepackaged programs which can be downloaded and installed on Linux systems. It is possible corrupt the data in an RPM file so code is executed on a Linux system when the RPM is queried for version information. This is a difficult thing to do since the memory location of the hacker shellcode would need to be known. However, Its possible so dont mess with RPM files from untrusted sources.
Who need RPMs? :D
News source: MSNBC- Dont mess with RedHat Package Manager files