An error when processing the "osf_wait4()" system call in arch/alpha/kernel/osf_sys.c can be exploited to manipulate kernel memory.
CVE-2011-2213 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2213): The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880.
Original Advisory: https://lkml.org/lkml/2011/6/11/87 Solution: Fixed in version 2.6.35.14
There are no longer any 2.x kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.