PT-2014-1029 · Linux+4 · Linux Kernel+4
Jiri Slaby
·
Published
2013-04-23
·
Updated
2025-09-29
·
CVE-2014-0196
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux Kernel versions through 3.14.3
Description
The issue is related to errors in the implementation of access to shared resources in the Linux operating system. It allows for the exploitation of a race condition in the
n tty write function, which can lead to a denial of service or privilege escalation by triggering a race condition involving read and write operations with long strings. This can result in memory corruption and system crash.Recommendations
For Linux Kernel versions through 3.14.3, consider applying a patch to fix the
n tty write function in drivers/tty/n tty.c to properly manage tty driver access in the "LECHO & !OPOST" case. As a temporary workaround, consider restricting access to the tty driver to minimize the risk of exploitation.Exploit
Fix
DoS
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Linux Kernel
Red Hat
Suse
Ubuntu