CVE-2013-6392

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.x

Description The issue is related to the genlock dev ioctl function in genlock.c in the Genlock driver, which does not properly initialize a certain data structure. This allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK IOC EXPORT ioctl call.

Recommendations For Linux kernel version 3.x, consider disabling the genlock dev ioctl function as a temporary workaround until a patch is available. Restrict access to the GENLOCK IOC EXPORT ioctl call to minimize the risk of exploitation.