The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
21 Nov 2024, 02:01
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugzilla.novell.com/show_bug.cgi?id=875690 - Issue Tracking, Permissions Required, Third Party Advisory | |
References | () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00 - Broken Link | |
References | () http://linux.oracle.com/errata/ELSA-2014-0771.html - Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html - Mailing List, Third Party Advisory | |
References | () http://pastebin.com/raw.php?i=yTSFUBgZ - Exploit, Mailing List, Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2014-0512.html - Third Party Advisory | |
References | () http://secunia.com/advisories/59218 - Not Applicable | |
References | () http://secunia.com/advisories/59262 - Broken Link | |
References | () http://secunia.com/advisories/59599 - Broken Link | |
References | () http://source.android.com/security/bulletin/2016-07-01.html - Not Applicable | |
References | () http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html - Third Party Advisory | |
References | () http://www.debian.org/security/2014/dsa-2926 - Third Party Advisory | |
References | () http://www.debian.org/security/2014/dsa-2928 - Third Party Advisory | |
References | () http://www.exploit-db.com/exploits/33516 - Exploit, Third Party Advisory, VDB Entry | |
References | () http://www.openwall.com/lists/oss-security/2014/05/05/6 - Mailing List, Third Party Advisory | |
References | () http://www.osvdb.org/106646 - Broken Link | |
References | () http://www.ubuntu.com/usn/USN-2196-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2197-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2198-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2199-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2200-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2201-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2202-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2203-1 - Third Party Advisory | |
References | () http://www.ubuntu.com/usn/USN-2204-1 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1094232 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00 - Exploit, Patch, Third Party Advisory |
09 Feb 2024, 19:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:* |
|
References | () http://bugzilla.novell.com/show_bug.cgi?id=875690 - Issue Tracking, Permissions Required, Third Party Advisory | |
References | () http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00 - Broken Link |
Information
Published : 2014-05-07 10:55
Updated : 2024-11-21 02:01
NVD link : CVE-2014-0196
Mitre link : CVE-2014-0196
CVE.ORG link : CVE-2014-0196
JSON object : View
Products Affected
suse
- suse_linux_enterprise_desktop
- suse_linux_enterprise_server
- suse_linux_enterprise_high_availability_extension
f5
- big-ip_application_security_manager
- big-iq_security
- big-ip_global_traffic_manager
- big-ip_link_controller
- big-iq_centralized_management
- big-iq_application_delivery_controller
- big-ip_edge_gateway
- big-ip_wan_optimization_manager
- big-ip_protocol_security_module
- enterprise_manager
- big-ip_analytics
- big-ip_policy_enforcement_manager
- big-iq_cloud
- big-ip_application_acceleration_manager
- big-ip_webaccelerator
- big-iq_device
- big-iq_cloud_and_orchestration
- big-ip_local_traffic_manager
- big-ip_advanced_firewall_manager
- big-ip_access_policy_manager
debian
- debian_linux
canonical
- ubuntu_linux
linux
- linux_kernel
redhat
- enterprise_linux_server_eus
- enterprise_linux_eus
- enterprise_linux
oracle
- linux
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')