Ubuntu Security Notice 4008-3 - USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. Various other issues were also addressed.
aa4cc845dcf7f973e16414a993cbab9ad894d59053308b8791cfaee4cab3ec45