CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved:

tap: fix stack info leak in tap ioctl() SIOCGIFHWADDR

In the SIOCGIFHWADDR path, tap ioctl() copies 16 bytes of an uninitialised on-stack struct sockaddr storage to userspace via ifr hwaddr, but netif get mac address() only writes sa family and dev->addr len (6 for Ethernet) bytes, leaving sa data[6..13] uninitialised.

Those 8 trailing bytes leak kernel stack contents; SIOCGIFHWADDR on a macvtap chardev returns kernel .text and direct-map pointers, defeating KASLR.

Initialise ss at declaration.