The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
{ "urgency": "not yet assigned" }