An information leakage vulnerability has been reported to exist in the
Linux kernel when writing to an ext3 file system. This issue is due to
a design error that causes some kernel information to be leaked.
It has been reported that this issue requires that the attacker be
able to read the raw device; an action which is restricted to
privileged users. Due to the nature of the issue, this really only
poses a security risk if the privileged user is not intended to access
this information already.
April 20, 2004