The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 4.4.8 (including) |