First published: Sun May 08 2016(Updated: )
A vulnerability was found in Linux kernel. There is an information leak in file "sound/core/timer.c" of the latest mainline Linux kernel, the stack object “tread” has a total size of 32 bytes. It contains a 8-bytes padding, which is not initialized but sent to user via copy_to_user(), resulting a kernel leak.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-514.rt56.420.el7 | 0:3.10.0-514.rt56.420.el7 |
redhat/kernel | <0:3.10.0-514.el7 | 0:3.10.0-514.el7 |
Linux Linux kernel | <=4.6 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 | |
Canonical Ubuntu Linux | =16.04 | |
Novell Suse Linux Enterprise Software Development Kit | =11.0-sp4 | |
Novell Suse Linux Enterprise Software Development Kit | =12.0 | |
Novell Suse Linux Enterprise Software Development Kit | =12.0-sp1 | |
Novell Suse Linux Enterprise Debuginfo | =11.0-sp4 | |
Novell Suse Linux Enterprise Desktop | =12.0 | |
Novell Suse Linux Enterprise Desktop | =12.0-sp1 | |
Novell Suse Linux Enterprise Live Patching | =12.0 | |
Novell Suse Linux Enterprise Module For Public Cloud | =12.0 | |
Novell Suse Linux Enterprise Real Time Extension | =12.0-sp1 | |
Novell Suse Linux Enterprise Server | =11.0-extra | |
Novell Suse Linux Enterprise Server | =11.0-sp4 | |
Novell Suse Linux Enterprise Server | =12.0 | |
Novell Suse Linux Enterprise Server | =12.0-sp1 | |
Novell Suse Linux Enterprise Workstation Extension | =12.0 | |
Novell Suse Linux Enterprise Workstation Extension | =12.0-sp1 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.106-3 6.1.112-1 6.11.4-1 6.11.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.