The remote Debian host is missing a security-related update.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. - CVE-2018-5390 Juha-Matti Tilli discovered that a remote attacker can trigger the worst case code paths for TCP stream reassembly with low rates of specially crafted packets leading to remote denial of service. - CVE-2018-13405 Jann Horn discovered that the inode_init_owner function in fs/inode.c in the Linux kernel allows local users to create files with an unintended group ownership allowing attackers to escalate privileges by making a plain file executable and SGID.
Upgrade the linux packages. For the stable distribution (stretch), these problems have been fixed in version 4.9.110-3+deb9u1. This update includes fixes for several regressions in the latest point release.