From Secunia security advisory at $URL:

Description: The vulnerability is caused due to an error when mounting CIFS shares with certain DFS referrals, which can be exploited to trigger a "BUG_ON()" in a client by tricking the victim into mounting from a malicious server.

Solution: https://github.com/torvalds/linux/commit/70945643722ffeac779d2529a348f99567fa5c33 (patch)

CVE-2011-3363 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3363): The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service (system crash) by placing a referral at the root of a share.

There are no longer any 2.x kernels available in the repository, with the exception of sys-kernel/xbox-sources, which is unsupported by security.