AOSA-2017-0043: UPDATE LINUX KERNEL

JUNE 29, 2017

Most good programmers do programming not because they expect to get paid or get adulation by the public, but because it is fun to program. – Linus Torvalds

Please update your linux+kernel package so that your Linux Kernel version is 4.11.5 or higher; or update your linux+kernel+lts package so that your Linux Kernel on Long-Term Support branch is version 4.9.32 or higher.

A security vulnerability was reported recently that…

Until recently, /dev/snd/timer driver was prone to a data race, which led to uninitialized memory from the kernel heap being copied to the userspace.

And this was assigned CVE-2017-10000380.

Relevant documentations:

1498703137488