← Retour aux CVEs
CVE-2014-0196
MEDIUMCISA KEV5.5
Description
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
Details CVE
Score CVSS v3.15.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie5/7/2014
Derniere modification4/21/2026
Sourcekev
Observations honeypot0
CISA KEV
FournisseurLinux
ProduitKernel
Nom vulnerabiliteLinux Kernel Race Condition Vulnerability
Date ajout KEV2023-05-12
Date limite remediation2023-06-02
Utilise dans ransomwareUnknown
Produits affectes
canonical:ubuntu_linuxdebian:debian_linuxf5:big-ip_access_policy_managerf5:big-ip_advanced_firewall_managerf5:big-ip_analyticsf5:big-ip_application_acceleration_managerf5:big-ip_application_security_managerf5:big-ip_edge_gatewayf5:big-ip_global_traffic_managerf5:big-ip_link_controllerf5:big-ip_local_traffic_managerf5:big-ip_policy_enforcement_managerf5:big-ip_protocol_security_modulef5:big-ip_wan_optimization_managerf5:big-ip_webacceleratorf5:big-iq_application_delivery_controllerf5:big-iq_centralized_managementf5:big-iq_cloudf5:big-iq_cloud_and_orchestrationf5:big-iq_devicef5:big-iq_securityf5:enterprise_managerlinux:linux_kerneloracle:linuxredhat:enterprise_linuxredhat:enterprise_linux_eusredhat:enterprise_linux_server_eussuse:suse_linux_enterprise_desktopsuse:suse_linux_enterprise_high_availability_extensionsuse:suse_linux_enterprise_server
Faiblesses (CWE)
CWE-362CWE-362
References
http://bugzilla.novell.com/show_bug.cgi?id=875690(secalert@redhat.com)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00(secalert@redhat.com)
http://linux.oracle.com/errata/ELSA-2014-0771.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html(secalert@redhat.com)
http://pastebin.com/raw.php?i=yTSFUBgZ(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2014-0512.html(secalert@redhat.com)
http://secunia.com/advisories/59218(secalert@redhat.com)
http://secunia.com/advisories/59262(secalert@redhat.com)
http://secunia.com/advisories/59599(secalert@redhat.com)
http://source.android.com/security/bulletin/2016-07-01.html(secalert@redhat.com)
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html(secalert@redhat.com)
http://www.debian.org/security/2014/dsa-2926(secalert@redhat.com)
http://www.debian.org/security/2014/dsa-2928(secalert@redhat.com)
http://www.exploit-db.com/exploits/33516(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2014/05/05/6(secalert@redhat.com)
http://www.osvdb.org/106646(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2196-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2197-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2198-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2199-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2200-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2201-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2202-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2203-1(secalert@redhat.com)
http://www.ubuntu.com/usn/USN-2204-1(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1094232(secalert@redhat.com)
https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00(secalert@redhat.com)
http://bugzilla.novell.com/show_bug.cgi?id=875690(af854a3a-2127-422b-91ae-364da2661108)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00(af854a3a-2127-422b-91ae-364da2661108)
http://linux.oracle.com/errata/ELSA-2014-0771.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html(af854a3a-2127-422b-91ae-364da2661108)
http://pastebin.com/raw.php?i=yTSFUBgZ(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2014-0512.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59218(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59262(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59599(af854a3a-2127-422b-91ae-364da2661108)
http://source.android.com/security/bulletin/2016-07-01.html(af854a3a-2127-422b-91ae-364da2661108)
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2014/dsa-2926(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2014/dsa-2928(af854a3a-2127-422b-91ae-364da2661108)
http://www.exploit-db.com/exploits/33516(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2014/05/05/6(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/106646(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2196-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2197-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2198-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2199-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2200-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2201-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2202-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2203-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-2204-1(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1094232(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0196(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.