CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-0196

Known Exploited (CISA KEV)MEDIUM
5.5
CVSS Severity Score
EPSS Score83.2360%
EPSS Percentile95.54th
Published2014年5月7日
Last Modified2026年4月21日

Vulnerability Description

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Affected Platforms (CPE)

💻
Linux

Linux Kernel

> 2.6.31 and < 3.2.59
💻
Linux

Linux Kernel

>= 3.3 and < 3.4.91
💻
Linux

Linux Kernel

>= 3.5 and < 3.10.40
💻
Linux

Linux Kernel

>= 3.11 and < 3.12.20
💻
Linux

Linux Kernel

>= 3.13 and < 3.14.4
💻
Linux

Linux Kernel

= 2.6.31
💻
Linux

Linux Kernel

= 2.6.31
💻
Linux

Linux Kernel

= 2.6.31
💻
Linux

Linux Kernel

= 2.6.31
💻
Linux

Linux Kernel

= 2.6.31
💻
Linux

Linux Kernel

= 2.6.31
💻
Linux

Linux Kernel

= 2.6.31
💻
Linux

Linux Kernel

= 2.6.31
💻
Debian

Debian Linux

= 6.0
💻
Debian

Debian Linux

= 7.0
💻
Redhat

Enterprise Linux

= 6.0
💻
Redhat

Enterprise Linux Eus

= 6.3
💻
Redhat

Enterprise Linux Eus

= 6.4
💻
Redhat

Enterprise Linux Server Eus

= 6.3
💻
Suse

Suse Linux Enterprise Desktop

= 11
💻
Suse

Suse Linux Enterprise High Availability Extension

= 11
💻
Suse

Suse Linux Enterprise Server

= 11
💻
Suse

Suse Linux Enterprise Server

= 11
💻
Oracle

Linux

= 6
💻
Canonical

Ubuntu Linux

= 10.04
💻
Canonical

Ubuntu Linux

= 12.04
💻
Canonical

Ubuntu Linux

= 12.10
💻
Canonical

Ubuntu Linux

= 13.10
💻
Canonical

Ubuntu Linux

= 14.04
📦
F5

Big Ip Access Policy Manager

>= 11.1.0 and <= 11.5.1
📦
F5

Big Ip Advanced Firewall Manager

>= 11.3.0 and <= 11.5.1
📦
F5

Big Ip Analytics

>= 11.1.0 and <= 11.5.1
📦
F5

Big Ip Application Acceleration Manager

>= 11.4.0 and <= 11.5.1
📦
F5

Big Ip Application Security Manager

>= 11.1.0 and <= 11.5.1
📦
F5

Big Ip Edge Gateway

>= 11.1.0 and <= 11.3.0
📦
F5

Big Ip Global Traffic Manager

>= 11.1.0 and <= 11.5.1
📦
F5

Big Ip Link Controller

>= 11.1.0 and <= 11.5.1
📦
F5

Big Ip Local Traffic Manager

>= 11.1.0 and <= 11.5.1
📦
F5

Big Ip Policy Enforcement Manager

>= 11.3.0 and <= 11.5.1
📦
F5

Big Ip Protocol Security Module

>= 11.1.0 and <= 11.4.1
📦
F5

Big Ip Wan Optimization Manager

>= 11.1.0 and <= 11.3.0
📦
F5

Big Ip Webaccelerator

>= 11.1.0 and <= 11.3.0
📦
F5

Big Iq Application Delivery Controller

= 4.5.0
📦
F5

Big Iq Centralized Management

= 4.6.0
📦
F5

Big Iq Cloud

>= 4.0.0 and <= 4.5.0
📦
F5

Big Iq Cloud And Orchestration

= 1.0.0
📦
F5

Big Iq Device

>= 4.2.0 and <= 4.5.0
📦
F5

Big Iq Security

>= 4.0.0 and <= 4.5.0
📦
F5

Enterprise Manager

= 3.1.0
📦
F5

Enterprise Manager

= 3.1.1

References & Advisories

🔗 http://bugzilla.novell.com/show_bug.cgi?id=875690
🔗 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00
🔗 http://linux.oracle.com/errata/ELSA-2014-0771.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html
🔗 http://pastebin.com/raw.php?i=yTSFUBgZ
🔗 http://rhn.redhat.com/errata/RHSA-2014-0512.html
🔗 http://secunia.com/advisories/59218

関連する脆弱性情報

CVE-2000-074710.0

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and k...

CVE-2002-157210.0

Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown imp...

CVE-2000-050610.0

The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting th...

CVE-2002-157310.0

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and...