Errata overview
Errata ID 498
Date 2018-01-31
Source package univention-kernel-image
Fixed in version 10.0.0-11A~
This update of the Linux kernel to version 4.9.78 addresses the following
* Systems with microprocessors utilizing speculative execution and indirect
  branch prediction may allow unauthorized disclosure of information to an
  attacker with local user access via a side-channel analysis (CVE-2017-5715)
* kvm: stack-based out-of-bounds read via vmcall instruction (CVE-2017-17741)
* Stack information leak in the EFS element (CVE-2017-1000410)

This is a major update for the Linux kernel as Linux kernel version 4.1 is no
longer maintained and does no longer get any security updates! Backporting
the patches for 'Meltdown' and 'Spectre' is considered too risky.
The Linux kernel provides a stable ABI so user programs should not notice the
upgrade in general. Low-level programs like 'udev' have been updated to
support both old and new Linux kernels, see also Errata 490-494.
On the other hand kernel internal details have changed, which might break
external kernel modules.
Additional notes This is the third of three parts.
CVE ID CVE-2017-5715
UCS Bug number #46188