CVE-2014-0196

Warning

Exploit

EPSS 69.02%
Published 07.05.2014 10:55:04
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Affected products Warnungen 1 Metrics 3 CWE 1 References 31

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version > 2.6.31 < 3.2.59

Linux ≫ Linux Kernel Version >= 3.3 < 3.4.91

Linux ≫ Linux Kernel Version >= 3.5 < 3.10.40

Linux ≫ Linux Kernel Version >= 3.11 < 3.12.20

Linux ≫ Linux Kernel Version >= 3.13 < 3.14.4

Linux ≫ Linux Kernel Version2.6.31 Update-

Linux ≫ Linux Kernel Version2.6.31 Updaterc3

Linux ≫ Linux Kernel Version2.6.31 Updaterc4

Linux ≫ Linux Kernel Version2.6.31 Updaterc5

Linux ≫ Linux Kernel Version2.6.31 Updaterc6

Linux ≫ Linux Kernel Version2.6.31 Updaterc7

Linux ≫ Linux Kernel Version2.6.31 Updaterc8

Linux ≫ Linux Kernel Version2.6.31 Updaterc9

Debian ≫ Debian Linux Version6.0

Debian ≫ Debian Linux Version7.0

Redhat ≫ Enterprise Linux Version6.0

Redhat ≫ Enterprise Linux Eus Version6.3

Redhat ≫ Enterprise Linux Eus Version6.4

Redhat ≫ Enterprise Linux Server Eus Version6.3

Suse ≫ Suse Linux Enterprise Desktop Version11 Updatesp3 SwPlatform-

Suse ≫ Suse Linux Enterprise High Availability Extension Version11 Updatesp3

Suse ≫ Suse Linux Enterprise Server Version11 Updatesp3 SwPlatform-

Suse ≫ Suse Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware

Oracle ≫ Linux Version6 Update-

Canonical ≫ Ubuntu Linux Version10.04 SwEdition-

Canonical ≫ Ubuntu Linux Version12.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version12.10

Canonical ≫ Ubuntu Linux Version13.10

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

F5 ≫ Big-ip Access Policy Manager Version >= 11.1.0 <= 11.5.1

F5 ≫ Big-ip Advanced Firewall Manager Version >= 11.3.0 <= 11.5.1

F5 ≫ Big-ip Analytics Version >= 11.1.0 <= 11.5.1

F5 ≫ Big-ip Application Acceleration Manager Version >= 11.4.0 <= 11.5.1

F5 ≫ Big-ip Application Security Manager Version >= 11.1.0 <= 11.5.1

F5 ≫ Big-ip Edge Gateway Version >= 11.1.0 <= 11.3.0

F5 ≫ Big-ip Global Traffic Manager Version >= 11.1.0 <= 11.5.1

F5 ≫ Big-ip Link Controller Version >= 11.1.0 <= 11.5.1

F5 ≫ Big-ip Local Traffic Manager Version >= 11.1.0 <= 11.5.1

F5 ≫ Big-ip Policy Enforcement Manager Version >= 11.3.0 <= 11.5.1

F5 ≫ Big-ip Protocol Security Module Version >= 11.1.0 <= 11.4.1

F5 ≫ Big-ip Wan Optimization Manager Version >= 11.1.0 <= 11.3.0

F5 ≫ Big-ip Webaccelerator Version >= 11.1.0 <= 11.3.0

F5 ≫ Big-iq Application Delivery Controller Version4.5.0

F5 ≫ Big-iq Centralized Management Version4.6.0

F5 ≫ Big-iq Cloud Version >= 4.0.0 <= 4.5.0

F5 ≫ Big-iq Cloud And Orchestration Version1.0.0

F5 ≫ Big-iq Device Version >= 4.2.0 <= 4.5.0

F5 ≫ Big-iq Security Version >= 4.0.0 <= 4.5.0

F5 ≫ Enterprise Manager Version3.1.0

F5 ≫ Enterprise Manager Version3.1.1

12.05.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog

Linux Kernel Race Condition Vulnerability

Vulnerability

Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.

Description

The impacted product is end-of-life and should be disconnected if still in use.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	69.02%	0.986

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

http://linux.oracle.com/errata/ELSA-2014-0771.html

Third Party Advisory

http://secunia.com/advisories/59262

Broken Link

http://secunia.com/advisories/59599

Broken Link

http://www.debian.org/security/2014/dsa-2926

Third Party Advisory

http://bugzilla.novell.com/show_bug.cgi?id=875690

Third Party Advisory

Issue Tracking

Permissions Required