The cifs code will attempt to open files on lookup under certain circumstances. What happens though if we find that the file we opened was actually a FIFO or other special file? Currently, the open filehandle just ends up being leaked leading to a dentry refcount mismatch and oops on umount. An unprivileged local user could use this flaw to crash the system. Introduced by: a6ce4932fbdbcd8f8e8c6df76812014351c32892 Proposed upstream patch: http://thread.gmane.org/gmane.linux.kernel.cifs/5526
There are no longer any 2.x or <3.2.10 kernels available in the repository with the exception of sys-kernel/xbox-sources which is unsupported by security.