The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 3.9.0 | 3.9.0 |
Linux_kernel | Linux | 3.9.2 | 3.9.2 |
Linux_kernel | Linux | 3.9 | 3.9 |
Linux_kernel | Linux | 3.9 | 3.9 |
Linux_kernel | Linux | 3.9 | 3.9 |
Linux_kernel | Linux | 3.9 | 3.9 |
Linux_kernel | Linux | 3.9.3 | 3.9.3 |
Linux_kernel | Linux | * | 3.9.4 |
Linux_kernel | Linux | 3.9 | 3.9 |
Linux_kernel | Linux | 3.9 | 3.9 |
Linux_kernel | Linux | 3.9 | 3.9 |
Linux_kernel | Linux | 3.9.1 | 3.9.1 |