DescriptionThe sched_read_attr function in kernel/sched/core.c in the Linux kernel 3.14-rc before 3.14-rc4 uses an incorrect size, which allows local users to obtain sensitive information from kernel stack memory via a crafted sched_getattr system call.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
Note from the SUSE Security TeamThis issue was introduced in Linux Kernel 3.13 and was fixed in Linux Kernel 3.14, so none of the SUSE Linux Enterprise products are affected. SUSE Bugzilla entry: 986794 [RESOLVED / UPSTREAM] No SUSE Security Announcements cross referenced.
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
|SUSE Linux Enterprise Desktop 12 GA||kernel-source||Not affected|
|SUSE Linux Enterprise Desktop 12 SP1||kernel-source||Unsupported|
|SUSE Linux Enterprise Server 10 SP4 LTSS||kernel-source||Not affected|
|SUSE Linux Enterprise Server 11 SP2 LTSS||kernel-source||Not affected|
|SUSE Linux Enterprise Server 11 SP3 LTSS||kernel-source||Not affected|
|SUSE Linux Enterprise Server 11 SP4||kernel-source||Not affected|
|SUSE Linux Enterprise Server 12 GA||kernel-source||Not affected|
|SUSE Linux Enterprise Server 12 SP1||kernel-source||Unsupported|