"A hostile UDP packet could cause the 8021Q VLAN code to oops" doesn't really match either the longer and more detailed explanation in the linked Debian bug report, or the supplied patch, or the stacktrace recorded.
Those tell another story, which is that a privileged ioctl() was faulty, and this ioctl() was used by an SNMP daemon which answers UDP packets. No SNMP daemon, no exploit.
In this sense the ptrace() bug is also remotely exploitable, you just ssh into the affected machine and execute an exploit.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds