Alan J. Wylie

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.9.5 **Description** The issue is related to an error in the `pipe advance` function in the Linux kernel, which can allow local users to obtain sensitive information from uninitialized heap-memory locations in certain circumstances. This can occur when reading from a pipe after an incorrect buffer-release decision. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For Linux kernel versions prior to 4.9.5, update to version 4.9.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the `pipe advance` function in the Linux kernel until a patch is available.