It was found that cached page was not up-to-date in certain cases when we were extending write to cover the full page and thus contained uninitalized data. A local user with write access to file on nfs share could use this flaw to leak kernel memory. Please note that apart from having security consequences (data leak), this bug is also a data corruptor. Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7559663 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=263b4509
The upstream fix is already backported to the 3.12.11 and 3.13.3 stable kernels. FYI.
Statement: This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.
*** Bug 1067341 has been marked as a duplicate of this bug. ***
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:0328 https://rhn.redhat.com/errata/RHSA-2014-0328.html