Withdrawn Advisory
This advisory was withdrawn on Jul 18, 2025. Withdrawn advisories are no longer considered active.
Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision.
4.15.0-1023.24~14.04.14.11.0-1009.94.10.0-1004.44.10.0-27.30~16.04.24.13.0-1008.94.13.0-16.194.15.0-1001.14.15.0-1002.24.15.0-1001.14.15.0-1002.2Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:NA:NCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N