Uninitialised memory disclosures TL;DR: Kernel returns a struct with uninit padding — leaks kernel addresses, usable for KASLR bypass. Stub — to be filled in. What it is TODO Preconditions / where it applies TODO Technique TODO Detection and defence TODO References TODO