iDefense Security Advisory 06.07.07 - Local exploitation of an information disclosure vulnerability within the Linux Kernel allows attackers to obtain sensitive information from kernel memory. This vulnerability specifically exists in the "cpuset_tasks_read" function. This function is responsible for supplying user-land processes with data when they read from the /dev/cpuset/tasks file. iDefense has confirmed the existence of this vulnerability in version 2.6.20 of the Linux Kernel as installed with Fedora CORE 6. It is suspected that previous versions, at least until 2.6.12, are also vulnerable.
1cbddf9f964522b8a1b33ad47d06eb80d8a50c65a2cc77358d4192f28d785c29