Description: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete. References: http://source.android.com/security/bulletin/2016-11-01.html https://bugzilla.kernel.org/show_bug.cgi?id=116461 https://forums.grsecurity.net/viewtopic.php?f=3&t=4363 Notes: Bugs: upstream: released (4.6-rc7) [8148a73c9901a8794a50f950083c00ccf97d43b3] 3.16-upstream-stable: released (3.16.36) 3.2-upstream-stable: released (3.2.81) sid: released (4.5.4-1) 3.16-jessie-security: released (3.16.36-1) 3.2-wheezy-security: released (3.2.81-1)