[T/Y/Z SRU] Fix CVE-2017-9605

[Stefan Bader]

Xenial gets this fix via 4.4.72 upstream stable. For Zesty and Yakkety
this is a cherry-pick but for Trusty it is ... a pain. Apparently we
got a version of the driver there which is affected but appears to be
some "special" variant having some code that makes it likely affected
but not the full set of changes as it got upstream.
So I decided to add the additional size checking code in place with
the backport.

-Stefan