Linux Kernel NFSv4 Credential Leak Vulnerability in Trunking Discovery

Vulnerability

A credential leak in the Linux kernel's NFSv4 implementation, occurring during the trunking discovery process, has been addressed. The issue was caused by improper handling of credentials in the '_nfs4_discover_trunking' function, leading to a potential leak of sensitive information.

Impact

Exploitation of this vulnerability could result in unintended exposure of credentials, potentially allowing for unauthorized access or actions within the NFSv4 context.

Reproduction

The vulnerability can be reproduced by triggering the '_nfs4_discover_trunking' function within the NFSv4 module of the Linux kernel. This function will allocate a page and a structure for file system locations. If the allocation fails, the function will return an error. However, if the function is interrupted after the credentials are obtained but before they are properly released, a credential leak occurs.
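The following user-space C model is an added example, not the kernel's code or the upstream patch. It shows the general shape of the bug class described above: a reference is taken on a credential, and an error return skips the matching release. The fixed variant uses a single unwind path. All names (cred_model, cred_get, cred_put, alloc_or_fail, discover_leaky, discover_fixed) are hypothetical, and the model assumes the leaking exits are the allocation-failure returns.

```c
#include <errno.h>
#include <stdlib.h>

/* User-space model only: every name below is hypothetical, not a kernel symbol. */
struct cred_model { int refcount; };

static struct cred_model *cred_get(struct cred_model *c) { c->refcount++; return c; }
static void cred_put(struct cred_model *c) { c->refcount--; }

/* Fault-injecting allocator standing in for the page/structure allocations. */
static void *alloc_or_fail(size_t n, int fail) { return fail ? NULL : malloc(n); }

/* Leaky shape (assumed): error returns after cred_get() skip cred_put(). */
int discover_leaky(struct cred_model *c, int fail_page, int fail_locs)
{
    struct cred_model *cred = cred_get(c);
    void *page, *locs;

    page = alloc_or_fail(4096, fail_page);
    if (!page)
        return -ENOMEM;         /* reference taken above is never dropped */
    locs = alloc_or_fail(64, fail_locs);
    if (!locs) {
        free(page);
        return -ENOMEM;         /* memory is cleaned up, the reference is not */
    }
    free(locs);
    free(page);
    cred_put(cred);
    return 0;
}

/* Hardened shape: one unwind path, so every exit drops the reference. */
int discover_fixed(struct cred_model *c, int fail_page, int fail_locs)
{
    struct cred_model *cred = cred_get(c);
    void *page, *locs;
    int status = -ENOMEM;

    page = alloc_or_fail(4096, fail_page);
    if (!page)
        goto out_put_cred;
    locs = alloc_or_fail(64, fail_locs);
    if (locs)
        status = 0;
    free(locs);                 /* free(NULL) is a no-op */
    free(page);
out_put_cred:
    cred_put(cred);
    return status;
}
```

Calling each function with a forced allocation failure and comparing the reference count before and after shows the difference: the leaky variant leaves the count one higher per failed call, while the fixed variant leaves it unchanged.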

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit addressing this issue is available in the Linux kernel stable tree.

Added: Dec 30, 2025, 5:14 PM
Updated: Dec 30, 2025, 5:14 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 7.5
exploitability: 5.7
remediation: 7.7
relevance: 1.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.