The rdsincinfo_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "288750582223773285938400159747343439799", "257961609276061901559095979629422920512" ] }, "signature_type": "Line", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@4116def2337991b39919f3b448326e21c40e0dbb", "id": "CVE-2016-5244-1ef55ede", "target": { "file": "net/rds/recv.c" }, "signature_version": "v1" }, { "digest": { "length": 535.0, "function_hash": "336295930793208337759396680278902723233" }, "signature_type": "Function", "deprecated": false, "source": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", "id": "CVE-2016-5244-4d47d6c9", "target": { "function": "rds_inc_info_copy", "file": "net/rds/recv.c" }, "signature_version": "v1" }, { "digest": { "length": 535.0, "function_hash": "336295930793208337759396680278902723233" }, "signature_type": "Function", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@4116def2337991b39919f3b448326e21c40e0dbb", "id": "CVE-2016-5244-5a38b8e7", "target": { "function": "rds_inc_info_copy", "file": "net/rds/recv.c" }, "signature_version": "v1" }, { "digest": { "threshold": 0.9, "line_hashes": [ "288750582223773285938400159747343439799", "257961609276061901559095979629422920512" ] }, "signature_type": "Line", "deprecated": false, "source": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", "id": "CVE-2016-5244-b8db9664", "target": { "file": "net/rds/recv.c" }, "signature_version": "v1" } ] }