Linux kernel built with the Communication CPU to Application CPU Interface (CONFIG_CAIF) is vulnerable to an information leakage flaw. It occurs while receiving messages via recvmsg(2) call. A user/program could use this flaw to leak kernel memory bytes. Upstream fix: ------------- -> http://git.kernel.org/linus/2d6fbfe733f35c6b355c216644e08e149c61b271 Reference: ---------- -> http://www.openwall.com/lists/oss-security/2013/04/14/3
Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.