Linux · Linux Kernel · CVE-2017-7495
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.6.2
**Description**
The issue allows local users to obtain sensitive information from other users' files under specific circumstances. This can happen when the ext4 data=ordered mode is used and a needs-flushing-before-commit list is mishandled. The exploitation involves waiting for a hardware reset, creating a new file, making write system calls, and then reading this file.
**Recommendations**
For Linux kernel versions prior to 4.6.2, update to version 4.6.2 or later to resolve the issue.