DescriptionArray index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
Note from the SUSE Security TeamThis issue was introduced in Linux Kernel 3.10, so it does not exist in SUSE Linux Enterprise Server 11 or older products. SUSE Bugzilla entry: 884324 [RESOLVED / FIXED] SUSE Security Advisories:
- openSUSE-SU-2014:1677-1, published Sun, 21 Dec 2014 13:04:41 +0100 (CET)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE 13.1|| ||Patchnames: