Vigil@nce - Linux kernel: file reading via Deleted Files In Cleancache

January 2019 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

Impacted products: Fedora, Linux, openSUSE Leap.

Severity: 2/4.

Consequences: data reading.

Provenance: user shell.

Confidence: confirmed by the editor (5/5).

Creation date: 23/11/2018.

DESCRIPTION OF THE VULNERABILITY

A local attacker can read a file via Deleted Files In Cleancache of the Linux kernel, in order to obtain sensitive information.

