Description of problem:
The compat ipc functions allow unprivileged users to read uninitialized stack memory, because some of the structures used and declared on the stack are not altered or zeroed before being copied back to the user.

Reference:
http://www.openwall.com/lists/oss-security/2010/10/07/1
http://lkml.org/lkml/2010/10/6/492

Acknowledgements:
Red Hat would like to thank Dan Rosenberg for reporting this issue.
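The bug class described above, as an added example that is not part of the bug report or the kernel source: a user-space C model in which a hypothetical `struct demo_ds` and `handler()` stand in for a stack structure that is only partly filled before being copied out, next to the variant that zeroes it first. The 0xA5 fill is a constructed stand-in for leftover stack contents, and `memcpy` stands in for the copy back to the caller.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xA5 /* constructed marker for leftover stack contents */

/* Hypothetical reply structure for illustration; not a kernel type. */
struct demo_ds {
    uint16_t mode;      /* typically followed by 2 padding bytes */
    uint32_t uid;
    uint32_t unused[2]; /* reserved words the handler never writes */
};

/* Models one handler call. memset(STALE) stands in for whatever an
 * earlier call left in this stack slot; the final memcpy stands in
 * for copying the whole structure back to the caller. */
static void handler(unsigned char *out, int zero_first)
{
    struct demo_ds ds;

    memset(&ds, STALE, sizeof(ds));   /* simulated stale stack data */
    if (zero_first)
        memset(&ds, 0, sizeof(ds));   /* hardened: clear before filling */
    ds.mode = 0600;
    ds.uid = 1000;
    memcpy(out, &ds, sizeof(ds));
}

/* Returns how many stale bytes reached the caller's buffer. */
static size_t leaked_bytes(int zero_first)
{
    unsigned char out[sizeof(struct demo_ds)];
    size_t i, n = 0;

    handler(out, zero_first);
    for (i = 0; i < sizeof(out); i++)
        if (out[i] == STALE)
            n++;
    return n;
}

int main(void)
{
    printf("unzeroed: %zu stale bytes copied out\n", leaked_bytes(0));
    printf("zeroed:   %zu stale bytes copied out\n", leaked_bytes(1));
    return 0;
}
```

Assigning the known members one by one is not enough: the reserved words and any padding keep whatever was in the stack slot, which is why the whole structure is cleared before it is filled.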
Statement:
This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 3, as it did not include IPC compat functionality.
Upstream commit: http://git.kernel.org/linus/03145beb455cf5c20a761e8451e30b8a74ba58d9
Thanks, grabbing this fix for Fedora as it doesn't seem to have made it into the stable series.
This issue has been addressed in the following products:
  MRG for RHEL-5
Via RHSA-2010:0958 https://rhn.redhat.com/errata/RHSA-2010-0958.html

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 6
Via RHSA-2011:0007 https://rhn.redhat.com/errata/RHSA-2011-0007.html

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 5
Via RHSA-2011:0017 https://rhn.redhat.com/errata/RHSA-2011-0017.html

This issue has been addressed in the following products:
  Red Hat Enterprise Linux 4
Via RHSA-2011:0162 https://rhn.redhat.com/errata/RHSA-2011-0162.html