CVE-2014-2889 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2889): Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges via a long jump after a conditional jump.
Fix in 3.2 as https://github.com/torvalds/linux/commit/a03ffcf873fe0f2565386ca8ef832144c42e67fa