CVE-2008-3911 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3911): The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel 2.6.26.3 does not check the length of a certain buffer obtained from userspace, which allows local users to overflow a stack-based buffer and have unspecified other impact via a crafted read system call for the /proc/sys/sunrpc/transports file.
Corrected Status Whiteboard (refer to relevant upstream ChangeLogs for corroboration). hardened-kernel unaffected at present time. Removing alias. PS: genpatches-2.6.25-11 included 2.6.25.17. genpatches-2.6.26-3 included 2.6.26.4.