Impact
The vulnerability resides in the Linux kernel’s rseq_exit_user_update function, where an uninitialized stack variable is used. The compiler may evaluate cpu_to_node(ids.cpu_id) before ids.cpu_id is assigned, causing the node_id field to contain an indeterminate value. When rseq_set_ids_get_csaddr is invoked, kernel information leak that exposes kernel data to the calling process. The weakness is an uninitialized variable usage (CWE‑908).
Affected Systems
All the assignment of ids.node_id outside the struct initialization are affected. The vendor is Linux and the affected product is the Linux kernel; any kernel before this patch is vulnerable.
Risk and Exploitability
The EPSS score is <1%, indicating a very low probability of exploitation. The vulnerability is not listed in CISA KEV. The likely attack vector is local or privileged execution, inferred from the description; an attacker would need to trigger the rseq code path to trigger the information‑leak. While the immediate risk is moderate, a successful leak could provide a foothold for higher‑level attacks on the system.
OpenCVE Enrichment