From secunia security advisor ad $URL: Description: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a signedness error within the "CIFSFindNext()" function (fs/cifs/cifssmb.c), which can be exploited to e.g. crash a client by sending specially crafted CIFS messages. Successful exploitation requires that a malicious server is used. Here is the patch: https://patchwork.kernel.org/patch/1088082/
CVE-2011-3191 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3191): Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.
There are no longer any 2.x or <3.1 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.
