Information Leakage Vulnerability in sys_get_thread_area Function

Information Leakage Vulnerability in sys_get_thread_area Function

CVE-2005-3276 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.