In the Linux kernel, the following vulnerability has been resolved:
netlabel: fix out-of-bounds memory accesses
There are two array out-of-bounds memory accesses, one in cipsov4maplvlvalid(), the other in netlblbitmapwalk(). Both errors are embarassingly simple, and the fixes are straightforward.
As a FYI for anyone backporting this patch to kernels prior to v4.8, you'll want to apply the netlblbitmapwalk() patch to cipsov4bitmapwalk() as netlblbitmap_walk() doesn't exist before Linux v4.8.