Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1066939 - (CVE-2014-2038) CVE-2014-2038 kernel: nfs: data leak during extended writes
CVE-2014-2038 kernel: nfs: data leak during extended writes
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20140117,reported=2...
: Security
: 1067341 (view as bug list)
Depends On: 1054493 1061260 1066942
Blocks: 1054773
  Show dependency treegraph
 
Reported: 2014-02-19 05:59 EST by Petr Matousek
Modified: 2015-07-29 13:47 EDT (History)
31 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-07-29 09:55:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Petr Matousek 2014-02-19 05:59:36 EST 
It was found that cached page was not up-to-date in certain cases when
we were extending write to cover the full page and thus contained
uninitalized data.

A local user with write access to file on nfs share could use this flaw
to leak kernel memory.

Please note that apart from having security consequences (data leak), this
bug is also a data corruptor.

Introduced by:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7559663

Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=263b4509
Comment 2 Josh Boyer 2014-02-19 08:19:17 EST 
The upstream fix is already backported to the 3.12.11 and 3.13.3 stable kernels.  FYI.
Comment 3 Prasad J Pandit 2014-02-20 15:28:10 EST 
Statement:

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
Comment 4 Prasad J Pandit 2014-02-20 15:38:23 EST 
*** Bug 1067341 has been marked as a duplicate of this bug. ***
Comment 5 Vincent Danen 2014-07-29 09:53:42 EDT 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2014:0328 https://rhn.redhat.com/errata/RHSA-2014-0328.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.