CVE-2017-7184 Ubuntu Security Notification for Linux, Linux-raspi2 Vulnerability (USN-3251-1)

It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space.

A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges.

Refer to Ubuntu advisory USN-3251-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3251-1: 16.10 (Yakkety) on src (linux-image-4.8.0-45-generic-lpae)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-4.8.0-45-powerpc-smp)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-4.8.0-45-powerpc-e500mc)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-powerpc-smp)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-raspi2)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-generic)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-4.8.0-45-generic)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-4.8.0-1032-raspi2)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-lowlatency)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-generic-lpae)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-4.8.0-45-lowlatency)

USN-3251-1: 16.10 (Yakkety) on src (linux-image-powerpc-e500mc)