The compat_get_timex function in kernel/compat.c in the Linux kernel allows local users to obtain possibly sensitive information from a kernel memory via adjtimex system call. Reference (includes PoC): https://bugs.chromium.org/p/project-zero/issues/detail?id=1574 Introduced by: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a4d44b6162555070194e486ff6b3799a8d323a2 An upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a0b98734479aa5b3c671d5190e86273372cab95
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1583315]
This was fixed for Fedora users with the 4.16.9 stable update.