Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision.
4.13.0-16.194.15.0-1001.14.15.0-1023.24~14.04.14.11.0-1009.94.15.0-1002.24.10.0-1004.44.15.0-1001.14.8.0-36.36~16.04.14.8.0-39.42~16.04.14.8.0-41.44~16.04.14.8.0-42.45~16.04.14.8.0-44.47~16.04.14.8.0-45.48~16.04.14.8.0-46.49~16.04.14.8.0-49.52~16.04.14.8.0-51.54~16.04.14.8.0-52.55~16.04.1+4 more4.10.0-27.30~16.04.24.15.0-1002.24.13.0-1008.94.15.0-1002.34.13.0-1005.5Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:NA:NCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N