Kernel MSM versions prior to 3.10 suffer from a kernel memory disclosure (information leak) in the Genlock driver.
Description
-----------
The Genlock driver does not properly initialize all members of a structure
before copying it to user space. This allows a local attacker to obtain
potentially sensitive information from kernel stack memory via ioctl system
calls.
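
The pattern described above, shown as an added user-space illustration (not the Genlock driver's code, and not taken from the referenced commit). The structure, the function names and the 0xA5 fill are hypothetical, and the handler's stack variable is modelled as an explicit parameter so that the stale bytes are deterministic.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical ioctl argument, not the driver's real structure. */
struct demo_lock_arg { int32_t fd; uint32_t op, flags, timeout; };

/* Stand-in for copy_to_user(): the whole structure goes out. */
static void demo_copy_out(void *user_dst, const struct demo_lock_arg *src)
{
    memcpy(user_dst, src, sizeof(*src));
}

/* 'slot' models the handler's stack variable, which still holds
 * bytes left behind by earlier kernel code. */
void export_unfixed(struct demo_lock_arg *slot, void *user_dst, int32_t new_fd)
{
    slot->fd = new_fd;              /* only one member is written */
    demo_copy_out(user_dst, slot);  /* op/flags/timeout go out stale */
}

void export_fixed(struct demo_lock_arg *slot, void *user_dst, int32_t new_fd)
{
    memset(slot, 0, sizeof(*slot)); /* clears every member and any padding */
    slot->fd = new_fd;
    demo_copy_out(user_dst, slot);
}

/* Count non-zero bytes after 'fd' in what user space received. */
size_t stale_bytes(const unsigned char *user_buf)
{
    size_t i, n = 0;
    for (i = sizeof(int32_t); i < sizeof(struct demo_lock_arg); i++)
        n += (user_buf[i] != 0);
    return n;
}

/* Constructed scenario: 0xA5 stands for leftover kernel stack data. */
size_t run_case(int fixed)
{
    struct demo_lock_arg slot;
    unsigned char user_buf[sizeof(slot)];
    memset(&slot, 0xA5, sizeof(slot));
    if (fixed) export_fixed(&slot, user_buf, 7);
    else       export_unfixed(&slot, user_buf, 7);
    return stale_bytes(user_buf);
}

int main(void) { printf("%zu %zu\n", run_case(0), run_case(1)); return 0; }
```

Zeroing the whole structure with memset, rather than assigning each member, also covers padding bytes the compiler may insert.
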
Classification
--------------
Location: Local Access Required
Attack Type: Information Disclosure, Input Manipulation
Version: Kernel MSM < 3.10
Impact: Loss of Confidentiality
Solution: Patch / RCS
Disclosure: Vendor Verified
CVE ID: CVE-2013-6392
CWE ID: CWE-200
References
----------
Credit: Jonathan Salwan
Mail List Post: http://seclists.org/oss-sec/2013/q4/334
Commit patch: https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625