Bugzilla – Bug 865075
VUL-1: CVE-2014-2038: kernel-source: nfs: data leak during extended writes
Last modified: 2015-02-19 03:03:12 UTC
CVE-2014-2038 It was found that cached page was not up-to-date in certain cases when we were extending write to cover the full page and thus contained uninitalized data. A local user with write access to file on nfs share could use this flaw to leak kernel memory. Please note that apart from having security consequences (data leak), this bug is also a data corruptor. Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7559663 Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=263b4509 References: https://bugzilla.redhat.com/show_bug.cgi?id=1066939
bugbot adjusting priority
As this bug was introduced in 3.11 the fix is only needed in SLE12 and openSUSE13.1. SLE12 has already received the fix through the -stable series. I have committed it to the 13.1 tree. This is a dup of bug 864867
openSUSE-SU-2014:0678-1: An update that solves 17 vulnerabilities and has 23 fixes is now available. Category: security (important) Bug References: 639379,812592,81660,821619,833968,842553,849334,851244,851426,852656,852967,853350,856760,857643,858638,858872,859342,860502,860835,861750,862746,863235,863335,864025,864867,865075,866075,866102,867718,868653,869414,871148,871160,871252,871325,875440,875690,875798,876531,876699 CVE References: CVE-2013-4579,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7281,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1438,CVE-2014-1446,CVE-2014-1690,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2672 Sources used: openSUSE 13.1 (src): cloop-2.639-11.7.1, crash-7.0.2-2.7.1, hdjmod-1.28-16.7.1, ipset-6.19-2.7.1, iscsitarget-1.4.20.3-13.7.1, kernel-docs-3.11.10-11.3, kernel-source-3.11.10-11.1, kernel-syms-3.11.10-11.1, ndiswrapper-1.58-7.1, openvswitch-1.11.0-0.25.1, pcfclock-0.44-258.7.1, virtualbox-4.2.18-2.12.1, xen-4.3.2_01-15.1, xtables-addons-2.3-2.7.1