This is fairly ridiculous to be honest. If you’re going to track an LTS kernel at least keep it up to date with upstream patches. Mainline’s 4.9 is now 4.9.247 ! and includes almost a year !!! of security and bug fixes now which your kernel is lacking. If you don’t address this then your platform is as good as defunct.
Please see this post - the L4T kernel is updated with each JetPack release including bug fixes, security patches, backports from upstream, ect.
The security bulletins are posted to https://www.nvidia.com/en-us/security/
Additional top-fixed issues are included with the L4T Release Notes.
You can also see the git logs here for patches and backports: http://nv-tegra.nvidia.com/gitweb/?p=linux-4.9.git