diff --git a/core/linux-odroid-c1/0001-packet-fix-race-condition-in-packet_set_ring.patch b/core/linux-odroid-c1/0001-packet-fix-race-condition-in-packet_set_ring.patch
deleted file mode 100644
index d9d7486a5..000000000
--- a/core/linux-odroid-c1/0001-packet-fix-race-condition-in-packet_set_ring.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-From f7282b275c1b0eb4e9d4d385cbcc13fbec414db2 Mon Sep 17 00:00:00 2001
-From: Philip Pettersson
-Date: Wed, 30 Nov 2016 14:55:36 -0800
-Subject: [PATCH] packet: fix race condition in packet_set_ring
-
-When packet_set_ring creates a ring buffer it will initialize a
-struct timer_list if the packet version is TPACKET_V3. This value
-can then be raced by a different thread calling setsockopt to
-set the version to TPACKET_V1 before packet_set_ring has finished.
-
-This leads to a use-after-free on a function pointer in the
-struct timer_list when the socket is closed as the previously
-initialized timer will not be deleted.
-
-The bug is fixed by taking lock_sock(sk) in packet_setsockopt when
-changing the packet version while also taking the lock at the start
-of packet_set_ring.
-
-Fixes: f6fb8f100b80 ("af-packet: TPACKET_V3 flexible buffer implementation.")
-Signed-off-by: Philip Pettersson
-Signed-off-by: Eric Dumazet
-Signed-off-by: David S. Miller
----
- net/packet/af_packet.c | 18 ++++++++++++------
- 1 file changed, 12 insertions(+), 6 deletions(-)
-
-diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
-index 2d454a2..c200b1d 100644
---- a/net/packet/af_packet.c
-+++ b/net/packet/af_packet.c
-@@ -3135,19 +3135,25 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
-
- if (optlen != sizeof(val))
- return -EINVAL;
-- if (po->rx_ring.pg_vec || po->tx_ring.pg_vec)
-- return -EBUSY;
- if (copy_from_user(&val, optval, sizeof(val)))
- return -EFAULT;
- switch (val) {
- case TPACKET_V1:
- case TPACKET_V2:
- case TPACKET_V3:
-- po->tp_version = val;
-- return 0;
-+ break;
- default:
- return -EINVAL;
- }
-+ lock_sock(sk);
-+ if (po->rx_ring.pg_vec || po->tx_ring.pg_vec) {
-+ ret = -EBUSY;
-+ } else {
-+ po->tp_version = val;
-+ ret = 0;
-+ }
-+ release_sock(sk);
-+ return ret;
- }
- case PACKET_RESERVE:
- {
-@@ -3602,6 +3608,7 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
- /*
Added to avoid minimal code churn */
- struct tpacket_req *req = &req_u->req;
-
-+ lock_sock(sk);
- /* Opening a Tx-ring is NOT supported in TPACKET_V3 */
- if (!closing && tx_ring && (po->tp_version > TPACKET_V2)) {
- WARN(1, "Tx-ring is not supported.\n");
-@@ -3683,7 +3690,6 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
- goto out;
- }
-
-- lock_sock(sk);
-
- /* Detach socket from network */
- spin_lock(&po->bind_lock);
-@@ -3732,11 +3738,11 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
- if (!tx_ring)
- prb_shutdown_retire_blk_timer(po, tx_ring, rb_queue);
- }
-- release_sock(sk);
-
- if (pg_vec)
- free_pg_vec(pg_vec, order, req->tp_block_nr);
- out:
-+ release_sock(sk);
- return err;
- }
-
---
-2.10.2
-
diff --git a/core/linux-odroid-c1/PKGBUILD b/core/linux-odroid-c1/PKGBUILD
index 8cc09250c..a5630f9f8 100644
--- a/core/linux-odroid-c1/PKGBUILD
+++ b/core/linux-odroid-c1/PKGBUILD
@@ -4,12 +4,12 @@
 buildarch=4
 pkgbase=linux-odroid-c1
-_commit=29ceae15e7241f635dfb18ea8ee9c3d4c32a2d5a
+_commit=daf15c96939bae35227c78a0f6d78fce4cafe885
 _srcname=linux-${_commit}
 _kernelname=${pkgbase#linux}
 _desc="ODROID-C1"
-pkgver=3.10.104
-pkgrel=12
+pkgver=3.10.107
+pkgrel=1
 arch=('armv7h')
 url="https://github.com/hardkernel/linux"
 license=('GPL2')
@@ -17,12 +17,10 @@
 makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc' 'git' 'uboot-tools')
 options=('!strip')
 source=("https://github.com/hardkernel/linux/archive/${_commit}.tar.gz"
 "git+https://github.com/mdrjr/c1_bootini.git"
- '0001-packet-fix-race-condition-in-packet_set_ring.patch'
 'config'
 'amlogic.service')
-md5sums=('17929b7fa6848b798ff5c8d492cb4b76'
+md5sums=('fbdd73c858eae0d4c8b314077a0a16a2'
 'SKIP'
- '681ed4c48a9ee2a767f1df806623a9f2'
 'c27274182cbe6e22dcf5b12ad84f4585'
 'b8956789318f49cec5b8bb0b41654a9b')
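Review bot: Dropping `0001-packet-fix-race-condition-in-packet_set_ring.patch` from `source` (and its `git apply` in prepare()) is only safe if the tree at the new `_commit` already carries that use-after-free fix, and nothing in this diff shows that it does; the commit should record it, for example with a comment above `_commit` such as `# tree includes "packet: fix race condition in packet_set_ring"; local backport dropped`. Separately, the kernel tarball is still verified with `md5sums`, which is not collision-resistant, so `sha256sums=(...)` would be the stronger choice for this array. The `"git+https://github.com/mdrjr/c1_bootini.git"` entry is unpinned and its checksum is `'SKIP'`, so every build takes whatever that repository's default branch holds at the time; pinning it as `"git+https://github.com/mdrjr/c1_bootini.git#commit=<PINNED_COMMIT_PLACEHOLDER>"` would make the input fixed and auditable.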
@@ -36,8 +34,6 @@ prepare() {
 # don't run depmod on 'make install'. We'll do this ourselves in packaging
 sed -i '2iexit 0' scripts/depmod.sh
-
- git apply ../0001-packet-fix-race-condition-in-packet_set_ring.patch
 }
 build() {