From secunia security advisor at $URL:
The vulnerability is caused due to an error when mounting CIFS shares with certain DFS referrals, which can be exploited to trigger a "BUG_ON()" in a client by tricking the victim into mounting from a malicious server.
The setup_cifs_sb function in fs/cifs/connect.c in the Linux kernel before
2.6.39 does not properly handle DFS referrals, which allows remote CIFS
servers to cause a denial of service (system crash) by placing a referral at
the root of a share.
There are no longer any 2.x kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.