A flaw was found in the Linux kernels implementation of valid_master_desc() in which a memory buffer would be compared to a userspace value with an incorrect size of comparison. By bruteforcing the comparison an attacker could determine what was in memory after the description. This could allow a local attacker to obtain possibly sensitive information from kernel memory. Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=794b4bc292f5d31739d89c0202c54e7dc9bc3add
This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2018:2165 https://access.redhat.com/errata/RHSA-2018:2165