From ${URL} : Linux kernel built with the networking support(CONFIG_NET) is vulnerable to an information leakage flaw in the socket layer. It could occur while doing recvmsg(2), recvfrom(2) socket calls. It occurs due to improperly initialised msg_name & msg_namelen message header parameters. A user/program could use this flaw to leak information from kernel memory bytes. Upstream fix: https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1039845
Fixed in 3.13