This update for the Linux Kernel 4.4.21-84 fixes several issues.
The following security issues were fixed:
- CVE-2017-16939: The XFRM dump policy implementation in
net/xfrm/xfrm_user.c kernel allowed local users to gain privileges or
cause a denial of service (use-after-free) via a crafted SO_RCVBUF
setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink
messages (bsc#1069708).
- CVE-2017-10661: Race condition in fs/timerfd.c allowed local users to
gain privileges or cause a denial of service (list corruption or
use-after-free) via simultaneous file-descriptor operations that
leverage improper might_cancel queueing (bsc#1053153).
This non-security issue was fixed:
- bsc#1062847: Enable proper shut down if NIC teaming is enabled