Title
MGASA-2017-0097 -- security update for kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons
Description
This kernel update is based on upstream 4.4.59 and fixes at least
the following security issue:
The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux
kernel through 4.10.6 does not validate certain size data after an
XFRM_MSG_NEWAE update, which allows local users to obtain root privileges
or cause a denial of service (heap-based out-of-bounds access) by
leveraging the CAP_NET_ADMIN capability (CVE-2017-7184).
For other upstream fixes in this update, see the referenced changelogs.
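A host-side check for this advisory, added here as an example (it is not part of the Mageia advisory or of any Mageia tool): it compares a 4.4-series kernel release string against the 4.4.59 base named above and lists non-root processes whose effective capability set includes CAP_NET_ADMIN, the precondition the CVE description names. The function names and the `--scan` switch are hypothetical; the script assumes CAP_NET_ADMIN is capability bit 12 in the `CapEff` field of `/proc/<pid>/status`, and that kernels outside the 4.4 series are checked against their own vendor advisory.

```shell
#!/bin/sh
# Added example: host check for MGASA-2017-0097 / CVE-2017-7184.
FIXED="4.4.59"   # base version of the fixed kernel, taken from the advisory

# True if version $1 (e.g. "4.4.50-desktop-2.mga5") is older than $2.
# Compares only the leading numeric x.y.z; missing fields count as 0.
kernel_older_than() {
    cur=${1%%-*}; fix=${2%%-*}
    for i in 1 2 3; do
        a=$(printf '%s\n' "$cur" | cut -d. -f"$i"); a=${a%%[!0-9]*}
        b=$(printf '%s\n' "$fix" | cut -d. -f"$i"); b=${b%%[!0-9]*}
        [ "${a:-0}" -lt "${b:-0}" ] && return 0
        [ "${a:-0}" -gt "${b:-0}" ] && return 1
    done
    return 1
}

# True if a CapEff hex mask has CAP_NET_ADMIN (assumed bit 12, mask 0x1000).
# Only the low 16 bits are parsed, which avoids 64-bit overflow in sh arithmetic.
has_cap_net_admin() {
    hex="0000$1"
    low=${hex#"${hex%????}"}
    [ $(( 0x$low & 0x1000 )) -ne 0 ]
}

scan() {
    kver=$(uname -r)
    case $kver in
        4.4.*)
            if kernel_older_than "$kver" "$FIXED"; then
                echo "kernel $kver predates $FIXED: install the update"
            else
                echo "kernel $kver is at or past $FIXED"
            fi ;;
        *)  echo "kernel $kver is not 4.4-series: check its own advisory" ;;
    esac
    # Non-root processes holding CAP_NET_ADMIN meet the CVE's precondition.
    for f in /proc/[0-9]*/status; do
        [ -r "$f" ] || continue
        read -r uid cap name <<EOF
$(awk '/^Name:/{n=$2} /^Uid:/{u=$3} /^CapEff:/{c=$2} END{print u, c, n}' "$f" 2>/dev/null)
EOF
        pid=${f#/proc/}; pid=${pid%/status}
        [ -n "$cap" ] && [ "$uid" != 0 ] && has_cap_net_admin "$cap" &&
            echo "pid $pid ($name) euid=$uid holds CAP_NET_ADMIN"
    done
    return 0
}

# Run the live scan only when asked, so the functions can be sourced.
if [ "${1:-}" = "--scan" ]; then scan; fi
```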