CVE-2014-0196: Linux Kernel Race Condition Vulnerability

First published: Thu May 01 2014(Updated: )

It is unexpected and not allowed to call TTY buffer helpers like tty_insert_flip_string concurrently. This may lead to crashes when ECHOing is enabled and concurrect writers call pty_write in the meantime. In that case the two writers: * the ECHOing from a workqueue and * pty_write from the process race and can overflow the corresponding TTY buffer. An unprivileged local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. References: <a href="http://seclists.org/oss-sec/2014/q2/243">http://seclists.org/oss-sec/2014/q2/243</a>

Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-cve
• agent/type
• agent/first-publish-date
• collector/launchpad-cve
• source/Launchpad
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2014-0196
• agent/weakness
• agent/severity
• agent/title
• agent/author
• collector/nvd-index
• agent/software-canonical-lookup-request
• collector/nvd-cve
• source/NVD
• agent/software-canonical-lookup
• collector/nvd-api
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• exploited/true
• collector/cisa-known-exploited
• source/CISA
• collector/usn-cve
• source/Ubuntu
• agent/references
• agent/remedy
• agent/softwarecombine
• agent/tags
• agent/description
• agent/event
• collector/security-tracker-debian
• source/Debian
• package-manager/redhat
• vendor/linux
• canonical/linux linux kernel
• version/linux linux kernel/3.14.3
• vendor/debian
• canonical/debian debian linux
• version/debian debian linux/6.0
• version/debian debian linux/7.0
• vendor/redhat
• canonical/redhat enterprise linux
• version/redhat enterprise linux/6.0
• canonical/redhat enterprise linux eus
• version/redhat enterprise linux eus/6.3
• version/redhat enterprise linux eus/6.4
• canonical/redhat enterprise linux server eus
• version/redhat enterprise linux server eus/6.3
• vendor/suse
• canonical/suse suse linux enterprise desktop
• version/suse suse linux enterprise desktop/11-sp3
• canonical/suse suse linux enterprise high availability extension
• version/suse suse linux enterprise high availability extension/11-sp3
• canonical/suse suse linux enterprise server
• version/suse suse linux enterprise server/11-sp3
• canonical/suse suse linux enterprise server vmware
• version/suse suse linux enterprise server vmware/11-sp3
• vendor/oracle
• canonical/oracle linux
• version/oracle linux/6
• vendor/canonical
• canonical/canonical ubuntu linux
• version/canonical ubuntu linux/10.04
• version/canonical ubuntu linux/12.04
• version/canonical ubuntu linux/12.10
• version/canonical ubuntu linux/13.10
• version/canonical ubuntu linux/14.04
• vendor/f5
• canonical/f5 big-ip access policy manager
• version/f5 big-ip access policy manager/11.1.0
• version/f5 big-ip access policy manager/11.5.1
• canonical/f5 big-ip advanced firewall manager
• version/f5 big-ip advanced firewall manager/11.3.0
• version/f5 big-ip advanced firewall manager/11.5.1
• canonical/f5 big-ip analytics
• version/f5 big-ip analytics/11.1.0
• version/f5 big-ip analytics/11.5.1
• canonical/f5 big-ip application acceleration manager
• version/f5 big-ip application acceleration manager/11.4.0
• version/f5 big-ip application acceleration manager/11.5.1
• canonical/f5 big-ip application security manager
• version/f5 big-ip application security manager/11.1.0
• version/f5 big-ip application security manager/11.5.1
• canonical/f5 big-ip edge gateway
• version/f5 big-ip edge gateway/11.1.0
• version/f5 big-ip edge gateway/11.3.0
• canonical/f5 big-ip global traffic manager
• version/f5 big-ip global traffic manager/11.1.0
• version/f5 big-ip global traffic manager/11.5.1
• canonical/f5 big-ip link controller
• version/f5 big-ip link controller/11.1.0
• version/f5 big-ip link controller/11.5.1
• canonical/f5 big-ip local traffic manager
• version/f5 big-ip local traffic manager/11.1.0
• version/f5 big-ip local traffic manager/11.5.1
• canonical/f5 big-ip policy enforcement manager
• version/f5 big-ip policy enforcement manager/11.3.0
• version/f5 big-ip policy enforcement manager/11.5.1
• canonical/f5 big-ip protocol security module
• version/f5 big-ip protocol security module/11.1.0
• version/f5 big-ip protocol security module/11.4.1
• canonical/f5 big-ip wan optimization manager
• version/f5 big-ip wan optimization manager/11.1.0
• version/f5 big-ip wan optimization manager/11.3.0
• canonical/f5 big-ip webaccelerator
• version/f5 big-ip webaccelerator/11.1.0
• version/f5 big-ip webaccelerator/11.3.0
• canonical/f5 big-iq application delivery controller
• version/f5 big-iq application delivery controller/4.5.0
• canonical/f5 big-iq centralized management
• version/f5 big-iq centralized management/4.6.0
• canonical/f5 big-iq cloud
• version/f5 big-iq cloud/4.0.0
• version/f5 big-iq cloud/4.5.0
• canonical/f5 big-iq cloud and orchestration
• version/f5 big-iq cloud and orchestration/1.0.0
• canonical/f5 big-iq device
• version/f5 big-iq device/4.2.0
• version/f5 big-iq device/4.5.0
• canonical/f5 big-iq security
• version/f5 big-iq security/4.0.0
• version/f5 big-iq security/4.5.0
• canonical/f5 enterprise manager
• version/f5 enterprise manager/3.1.0
• version/f5 enterprise manager/3.1.1
• version/linux linux kernel/3.3
• version/linux linux kernel/3.5
• version/linux linux kernel/3.11
• version/linux linux kernel/3.13
• version/linux linux kernel/2.6.31
• version/linux linux kernel/2.6.31-rc3
• version/linux linux kernel/2.6.31-rc4
• version/linux linux kernel/2.6.31-rc5
• version/linux linux kernel/2.6.31-rc6
• version/linux linux kernel/2.6.31-rc7
• version/linux linux kernel/2.6.31-rc8
• version/linux linux kernel/2.6.31-rc9
• canonical/linux kernel
• package-manager/debian