This update for the Linux Kernel 3.12.61-52_101 fixes several issues.
The following security issues were fixed:
- CVE-2017-16939: The XFRM dump policy implementation in
net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a
denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt
system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages
(bsc#1069708).
- CVE-2017-15649: net/packet/af_packet.c allowed local users to gain
privileges via crafted system calls that trigger mishandling of
packet_fanout data structures, because of a race condition (involving
fanout_add and packet_do_bind) that leads to a use-after-free
(bsc#1064392).