Description: uninitialized kernel stack may lead to information disclosure
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=1995570
Notes:
 carnil> As of 2021-11-04 no further information yet provided in
 carnil> RHBZ#1995570. The description reads as "A memory leak problem
 carnil> was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in
 carnil> Virtual Function I/O (VFIO) Mediated devices. This flaw could
 carnil> allow a local attacker to leak internal kernel information."
 carnil> and so relates to changes in samples/vfio-mdev/mbochs.c .
Bugs:
upstream: released (5.15-rc1) [de5494af4815a4c9328536c72741229b7de88e7f]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.14.6-1)
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"