Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the romfs_dev_read function in romfs_dev_read. By using a specially-crafted file, an attacker could exploit this vulnerability to obtain uninitialized memory information in userspace.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1894913]
This was fixed for Fedora with the 5.8.4 stable kernel updates.