ToT commit 97f3c0a4b0579b646b6b10ae5a3d59f0441cc12c
(ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c)
was assigned CVE-2017-13695 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13695 and has been public since August 25 2017
Please apply to 3.18, 4.4 and 4.9 stable kernels for the reasons outlined in the body of the patch:
"This cache leak causes a security threat because an old kernel (<= 4.9) shows memory locations of kernel functions in stack dump. Some malicious users could use this information to neutralize kernel ASLR."
Bonus Points: Since the patch is ToT upstream, relieving the bug that results in the memory leak, even despite the non-CVE security status for <=4.12 kernels, it may be advised to also include this patch in 4.14.y stable as well.
Sincerely -- Mark Salyzyn