Errata overview
Errata ID 494
Date 2018-01-12
Source package univention-kernel-image
Fixed in version 10.0.0-10A~
This update of the Linux kernel from version 4.1.40 to version 4.9.76
addresses the following issue:
* Systems with microprocessors utilizing speculative execution and indirect
  branch prediction may allow unauthorized disclosure of information to an
  attacker with local user access via a side-channel analysis of the data
  cache. (CVE-2017-5754)

This is a major update for the Linux kernel as Linux kernel version 4.1 is no
longer maintained and does no longer get any security updates! Backporting
the patches for 'Meltdown' and 'Spectre' is considered too risky.
The Linux kernel provides a stable ABI so user programs should not notice the
upgrade in general. Low-level programs like 'udev' have been updated to
support both old and new Linux kernels.
On the other hand kernel internal details have changed, which might break
external kernel modules.
Additional notes This is the third of five parts.
CVE ID CVE-2017-5754
UCS Bug number #45243