Linux · Linux Kernel · CVE-2016-2085
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.5
**Description**
The issue concerns a timing side-channel attack that allows local users to forge MAC values. This is due to the evm verify hmac function in security/integrity/evm/evm main.c not properly copying data.
**Recommendations**
For versions prior to 4.5, update to version 4.5 or later to resolve the issue.