The /proc/sys/kernel/rh_features file is readable by unprivileged users and if no tracked feature is used on the system (that is by default), it copies a chunk of uninitialized memory to the user space. Means that reading of the file /proc/sys/kernel/rh_features by unprivileged user can lead to kernel memory disclosure, but user cannot control the size and location of the memory being read (usually empty or nothing, so in most cases no memory disclosure). There's no buffer overflow or availability impact, so only possibility of confidentiality impact. It's in RHEL 8 only code (not upstream) and was introduced in RHEL 8.2 by kernel commit b42078ac845a ("[kernel] rh_features: move rh_features entry to sys/kernel").
Statement: This issue is rated as having Low impact because of the limited and random (non-controllable by attacker) memory disclosure.
Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4431 https://access.redhat.com/errata/RHSA-2020:4431
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4609 https://access.redhat.com/errata/RHSA-2020:4609
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-10774