CVE-2008-2826 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2826): Integer overflow in the sctp_getsockopt_local_addrs_old function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) functionality in the Linux kernel before 2.6.25.9 allows local users to cause a denial of service (resource consumption and system outage) via vectors involving a large addr_num field in an sctp_getaddrs_old data structure.
hardened-kernel unaffected at present time. Removing alias. PS: Anything using >=genpatches-2.6.25-7 is unaffected