Uninitialized Kernel Memory Disclosure Vulnerability in Linux Kernel
CVE-2017-16994 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.