Information disclosure in Linux kernel - CVE-2017-13695
Published: June 16, 2022
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists in the Linux kernel's ACPI subsystem where a function does not flush the operand cache and causes a kernel stack dump. A local user can pass a specially crafted ACPI table to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism.