USN-5353-1: Linux kernel (OEM) vulnerability
It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code.
Source: USN-5353-1: Linux kernel (OEM) vulnerability