In memzero_explicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-171418586References: Upstream kernel.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2018213]
This was fixed for Fedora with the 5.9.15 stable kernel updates.