CVE-2005-3276

Name of the Vulnerable Software and Affected Versions Linux versions prior to 2.6.12.4 and 2.6.13

Description The issue is related to the sys get thread area function in process.c, which does not properly clear a data structure before copying it to userspace. This might allow a user process to obtain sensitive information.

Recommendations For Linux versions prior to 2.6.12.4, update to version 2.6.12.4 or later. For Linux version 2.6.13, no specific fix is provided, however, updating to a later version may mitigate the risk. As a temporary workaround, consider restricting access to the sys get thread area function until a patch is available.