Please update your
linux+kernel package so that your Linux Kernel version is
4.11.5 or higher; or update your
linux+kernel+lts package so that your Linux Kernel on Long-Term Support branch is version
4.9.32 or higher.
A security vulnerability was reported recently that…
Until recently, /dev/snd/timer driver was prone to a data race, which led to uninitialized memory from the kernel heap being copied to the userspace.
And this was assigned CVE-2017-10000380.