Vulnerable Library - linuxv3.10

Linux kernel source tree

Library home page: https://github.com/torvalds/linux.git

Found in HEAD commit: adc86a86e0ac98007fd3af905bc71e9f29c1502c

Found in base branch: xsentinel-1.7-experimental

Vulnerable Source Files (1)

android_kernel_samsung_j7elte/fs/nfs/write.c

Vulnerability Details

The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file.

Publish Date: 2014-02-28

URL: CVE-2014-2038

CVSS 2 Score Details (2.1)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-2038

Release Date: 2014-02-28

Fix Resolution: 3.13.3