Information Disclosure Vulnerability in Linux Kernel's sched_read_attr Function
CVE-2014-9903 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
The sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.