The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | kernel | 2012-11-20 06:34 | ALAS-2012-142 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 2.1 | AV:L/AC:L/Au:N/C:P/I:N/A:N |
NVD | CVSSv2 | 4.9 | AV:L/AC:L/Au:N/C:C/I:N/A:N |