PT-2014-1029 · Linux+4 · Linux Kernel+4
Jiri Slaby
·
Publicado
2013-04-23
·
Atualizado
2025-09-29
·
CVE-2014-0196
CVSS v2.0
6.9
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux Kernel versions through 3.14.3
Description
The issue is related to errors in the implementation of access to shared resources in the Linux operating system. It allows for the exploitation of a race condition in the
n tty write function, which can lead to a denial of service or privilege escalation by triggering a race condition involving read and write operations with long strings. This can result in memory corruption and system crash.Recommendations
For Linux Kernel versions through 3.14.3, consider applying a patch to fix the
n tty write function in drivers/tty/n tty.c to properly manage tty driver access in the "LECHO & !OPOST" case. As a temporary workaround, consider restricting access to the tty driver to minimize the risk of exploitation.Exploit
Correção
DoS
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Alt Linux
Linux Kernel
Red Hat
Suse
Ubuntu