Changes
Since 042stab125.3:
- [Moderate] A flaw was found in the implementation of associative arrays where the add_key systemcall and KEYCTL_UPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameters value, an unprivileged user could trivially cause a NULL pointer dereference (kernel oops). (CVE-2017-15274)
- Improved the hash function for IPv6 neighbours to increase system responsiveness under IPv6 flooding attacks. (PSBM-73496)
- Stopping NFS server inside a container could cause the host to crash. (PSBM-74832)