Unrated severityNVD Advisory· Published Feb 28, 2014· Updated Jun 17, 2026
CVE-2014-2038
CVE-2014-2038
Description
The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- github.com/torvalds/linux/commit/263b4509ec4d47e0da3e753f85a39ea12d1eff24nvdPatchThird Party Advisory
- www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.3nvdRelease NotesVendor Advisory
- www.openwall.com/lists/oss-security/2014/02/20/16nvdMailing ListThird Party Advisory
- www.ubuntu.com/usn/USN-2137-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2140-1nvdThird Party Advisory
- git.kernel.orgnvd
News mentions
0No linked articles in our index yet.