| Description: | The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the Linux kernel through 4.12.10 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading locations associated with padding bytes. It was discovered that the ATI Radeon framebuffer driver in the Linux kernel did not properly initialize a data structure returned to user space. A local attacker could use this to expose sensitive information (kernel memory).
|