Race condition in the sclpctlioctlsccb function in drivers/s390/char/sclpctl.c in the Linux kernel before 4.6 allows local users to obtain sensitive information from kernel memory by changing a certain length value, aka a "double fetch" vulnerability.