Key Information Vulnerability Description Vulnerability Type: 4-byte infoleak via uninitialized struct field in syscall CVE ID: CVE-2018-11508 Discovery Method: Source review Priority: P2 Severity: S3 Vulnerability Details Related Commit: - Removed the call in - The syscall calls with struct fields uninitialized - If does not write to , then copies the uninitialized field to userspace Example Code Compilation and Execution Compile: Run and observe output value Status and Related Information Reporter: ja...@google.com Status: Fixed Fix Date: Not specified Report Date: May 11, 2018 Target Fix Deadline: 90 days Overdue?: No