Linux kernel built with the Generic Target Core Mod(TCM), an iSCSI Target
engine(CONFIG_TARGET_CORE), along with the Ramdisk back-end driver support, is vulnerable to an information leakage flaw. It could occur while performing I/O operations on behalf of a SCSI initiator.
A privileged user/process could use this flaw to leak kernel memory bytes.
This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5.
This issue affects the versions of Linux kernel package as shipped with Red Hat Enterprise Linux 6 and 7. Future kernel updates for Red Hat Enterprise Linux 6 and 7 may address this issue.
This issue has been addressed in following products:
MRG for RHEL-6 v.2
Via RHSA-2014:0913 https://rhn.redhat.com/errata/RHSA-2014-0913.html
An information leak flaw was found in the RAM Disks Memory Copy (rd_mcp) backend driver of the iSCSI Target subsystem of the Linux kernel. A privileged user could use this flaw to leak the contents of kernel memory to an iSCSI initiator remote client.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2014:1971 https://rhn.redhat.com/errata/RHSA-2014-1971.html