The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel up to and including 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 3.9.0 |
||
linux linux kernel 3.9.2 |
||
linux linux kernel 3.9 |
||
linux linux kernel 3.9.3 |
||
linux linux kernel |
||
linux linux kernel 3.9.1 |