|Date: (C)2009-03-24 (M)2017-10-04|
|CVSS Score: 4.9||Access Vector: LOCAL|
|Exploitability Subscore: 3.9||Access Complexity: LOW|
|Impact Subscore: 6.9||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: NONE|
| ||Availability: NONE|
The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 220.127.116.11 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.