Candidate: CVE-2008-3911
Description:
 The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel
 2.6.26.3 does not check the length of a certain buffer obtained from
 userspace, which allows local users to overflow a stack-based buffer
 and have unspecified other impact via a crafted read system call for
 the /proc/sys/sunrpc/transports file.
References: 
 http://lkml.org/lkml/2008/8/30/184
 http://lkml.org/lkml/2008/8/30/140
 http://www.openwall.com/lists/oss-security/2008/09/04/2
 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=27df6f25ff218072e0e879a96beeb398a79cdbc8
Ubuntu-Description: 
Notes: 
Bugs: 
upstream: released (2.6.26.4), released (2.6.27)
linux-2.6: released (2.6.26-5) [bugfix/all/stable/2.6.26.4.patch]
2.6.18-etch-security: N/A
2.6.24-etch-security: N/A
2.6.26-lenny-security: released (2.6.26-5) [bugfix/all/stable/2.6.26.4.patch]
2.6.15-dapper-security: N/A
2.6.20-feisty-security: N/A
2.6.22-gutsy-security: N/A
2.6.24-hardy-security: N/A
2.6.27-intrepid-security: N/A