ToT commit 97f3c0a4b0579b646b6b10ae5a3d59f0441cc12c
(ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c)
was assigned CVE-2017-13695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13695
and has been public since August 25 2017
Please apply to 3.18, 4.4 and 4.9 stable kernels for the reasons
outlined in the body of the patch:
"This cache leak causes a security threat because an old kernel (<= 4.9)
shows memory locations of kernel functions in stack dump. Some malicious
users could use this information to neutralize kernel ASLR."
Bonus Points: Since the patch is ToT upstream, relieving the bug that
results in the memory leak, even despite the non-CVE security status for
<=4.12 kernels, it may be advised to also include this patch in 4.14.y
stable as well.
Sincerely -- Mark Salyzyn
