Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux Kernel NFS File System‘write.c’输入验证错误漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.13.2及之前的版本中的fs/nfs/write.c文件的‘nfs_can_extend_write’函数存在安全漏洞。本地攻击者可通过在NFS文件系统中的文件执行写操作后读取该文件,利用该漏洞获取内核内存的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A