Description: xfrm migrate out-of-bound access 
References:
 http://seclists.org/bugtraq/2017/Jul/30
 http://marc.info/?t=150169629800003&r=1&w=2
 http://marc.info/?l=linux-netdev&m=150169627919528&w=2
Notes:
 bwh> Introduced by commit 5c79de6e79cd "[XFRM]: User interface for handling
 bwh> XFRM_MSG_MIGRATE" in 2.6.21.
 carnil> proposed upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git/commit/?id=7bab09631c2a303f87a7eb7e3d69e888673b9b7e
Bugs:
upstream: released (4.13) [7bab09631c2a303f87a7eb7e3d69e888673b9b7e]
4.9-upstream-stable: released (4.9.48) [12a70ccaa6868163487f9a5ad97e1a91a397b453]
3.16-upstream-stable: released (3.16.48) [60166dc935e2af97cae9432c0247856e2deb0b3f]
3.2-upstream-stable: released (3.2.93) [31f11713f7bb0a4cb90466331832658c0b9c9e80]
sid: released (4.12.6-1) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
3.2-wheezy-security: released (3.2.93-1)