The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.
3.13.0-85.1293.16.0-69.89~14.04.13.19.0-58.64~14.04.14.2.0-35.40~14.04.1Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:NI:HA:NCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N