Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2014:0683-1
HistoryMay 20, 2014 - 7:04 p.m.

Security update for Linux kernel (important)

2014-05-2019:04:37
lists.opensuse.org
43

0.019 Low

EPSS

Percentile

87.2%

JSON

The SUSE Linux Enterprise 11 Service Pack 3 RealTime Extension kernel has
been updated to fix two critical security issues.

The following security bugs have been fixed:

   *

     CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c

in the Linux kernel through 3.14.3 does not properly handle error
conditions during processing of an FDRAWCMD ioctl call, which allows local
users to trigger kfree operations and gain privileges by leveraging write
access to a /dev/fd device. (bnc#875798)

   *

     CVE-2014-1738: The raw_cmd_copyout function in

drivers/block/floppy.c in the Linux kernel through 3.14.3 does not
properly restrict access to certain pointers during processing of an
FDRAWCMD ioctl call, which allows local users to obtain sensitive
information from kernel heap memory by leveraging write access to a
/dev/fd device. (bnc#875798)

   *

     CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in

the Linux kernel through 3.14.3 does not properly manage tty driver access
in the "LECHO & !OPOST" case, which allows local users to cause a denial
of service (memory corruption and system crash) or gain privileges by
triggering a race condition involving read and write operations with long
strings. (bnc#875690)

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Real Time Extension11.3x86_64kernel-rt-devel< 3.0.101.rt130-0.16.1kernel-rt-devel-3.0.101.rt130-0.16.1.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64ofed-kmp-rt_trace< 1.5.4.1_3.0.101_rt130_0.16-0.13.56ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.16-0.13.56.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64kernel-rt_trace< 3.0.101.rt130-0.16.1kernel-rt_trace-3.0.101.rt130-0.16.1.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64drbd-kmp-rt_trace< 8.4.4_3.0.101_rt130_0.16-0.22.31drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.16-0.22.31.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64iscsitarget-kmp-rt< 1.4.20_3.0.101_rt130_0.16-0.38.50iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.16-0.38.50.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64kernel-rt< 3.0.101.rt130-0.16.1kernel-rt-3.0.101.rt130-0.16.1.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64ofed-kmp-rt< 1.5.4.1_3.0.101_rt130_0.16-0.13.56ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.16-0.13.56.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64kernel-rt_trace-devel< 3.0.101.rt130-0.16.1kernel-rt_trace-devel-3.0.101.rt130-0.16.1.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64cluster-network-kmp-rt< 1.4_3.0.101_rt130_0.16-2.27.65cluster-network-kmp-rt-1.4_3.0.101_rt130_0.16-2.27.65.x86_64.rpm
SUSE Linux Enterprise Real Time Extension11.3x86_64iscsitarget-kmp-rt_trace< 1.4.20_3.0.101_rt130_0.16-0.38.50iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.16-0.38.50.x86_64.rpm
Rows per page:
1-10 of 201

Related

openvas 59
nessus 49
osv 2
debian 2
suse 2
mageia 10
redhat 11
oraclelinux 9
securityvulns 3
centos 2
ubuntu 14
altlinux 1
veracode 8
ubuntucve 3
cve 4
zdt 1
attackerkb 1
android 1
canvas 1
exploitpack 1
f5 2
prion 4
debiancve 3
amazon 2
threatpost 1
cisa_kev 1
seebug 1
exploitdb 1
openvas
openvas
Debian: Security Advisory (DSA-2928-1)
2014-05-13 00:00:00
SUSE: Security Advisory for Linux (SUSE-SU-2014:0667-1)
2015-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0667-1)
2021-06-09 00:00:00
nessus
nessus
SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 9233 / 9236 / 9237)
2014-05-16 00:00:00
Debian DSA-2928-1 : linux-2.6 - privilege escalation/denial of service/information leak
2014-05-16 00:00:00
RHEL 5 : kernel (RHSA-2014:0801)
2014-11-17 00:00:00
osv
osv
linux-2.6 - security update
2014-05-14 00:00:00
linux - security update
2014-05-12 00:00:00
debian
debian
[SECURITY] [DSA 2928-1] linux-2.6 security update
2014-05-14 18:21:22
[SECURITY] [DSA 2926-1] linux security update
2014-05-12 15:59:46
suse
suse
Security update for Linux Kernel (important)
2014-05-16 03:04:20
kernel: security and bugfix update (important)
2014-05-19 14:04:14
mageia
mageia
Updated kernel-linus packages fix multiple vulnerabilities
2014-05-19 22:30:17
Updated kernel-rt packages fix multiple vulnerabilities
2014-05-19 22:30:17
Updated kernel packages fix multiple vulnerabilities
2014-05-18 03:41:52
redhat
redhat
(RHSA-2014:0801) Important: kernel security update
2014-06-26 00:00:00
(RHSA-2014:0772) Important: kernel security and bug fix update
2014-06-19 00:00:00
(RHSA-2014:0900) Important: kernel security and bug fix update
2014-07-17 00:00:00
oraclelinux
oraclelinux
unbreakable enterprise kernel security update
2014-06-20 00:00:00
kernel security and bug fix update
2014-06-11 00:00:00
kernel security and bug fix update
2014-06-11 00:00:00
securityvulns
securityvulns
[oss-security] Linux kernel floppy ioctl kernel code execution
2014-05-10 00:00:00
[SECURITY] [DSA 2926-1] linux security update
2014-05-15 00:00:00
[USN-2196-1] Linux kernel vulnerability
2014-05-07 00:00:00
centos
centos
kernel security update
2014-06-11 11:01:17
kernel, perf, python security update
2014-06-20 10:10:41
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2014-05-26 00:00:00
Linux kernel vulnerabilities
2014-05-26 00:00:00
Linux kernel vulnerability
2014-05-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt25
2014-06-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:03:26
Information Disclosure
2019-05-02 05:03:25
Denial Of Service (DoS)
2019-05-02 05:03:26
ubuntucve
ubuntucve
CVE-2014-1738
2014-05-11 00:00:00
CVE-2014-1737
2014-05-11 00:00:00
CVE-2014-0196
2014-05-05 00:00:00
cve
cve
CVE-2014-1738
2014-05-11 21:55:00
CVE-2014-0196
2014-05-07 10:55:00
CVE-2014-1737
2014-05-11 21:55:00
zdt
zdt
Linux Kernel 3.15-rc4 PTY Race Condition Exploit
2014-05-14 00:00:00
attackerkb
attackerkb
CVE-2014-0196
2014-05-07 00:00:00
android
android
pty race
2014-04-30 00:00:00
canvas
canvas
Immunity Canvas: LINUX_TTY_RACE
2014-05-07 10:55:00
exploitpack
exploitpack
Linux Kernel 3.14-rc1 3.15-rc4 (x64) - Raw Mode PTY Echo Race Condition Privilege Escalation
2014-05-26 00:00:00
f5
f5
SOL15319 - Linux kernel TTY vulnerability CVE-2014-0196
2014-06-05 00:00:00
K15319 : Linux kernel TTY vulnerability CVE-2014-0196
2014-12-04 00:00:00
prion
prion
Design/Logic Flaw
2014-05-11 21:55:00
Race condition
2014-05-07 10:55:00
Input validation
2014-05-11 21:55:00
debiancve
debiancve
CVE-2014-1738
2014-05-11 21:55:00
CVE-2014-1737
2014-05-11 21:55:00
CVE-2014-0196
2014-05-07 10:55:00
amazon
amazon
Medium: kernel
2014-05-13 16:40:00
Medium: kernel
2014-08-21 11:03:00
threatpost
threatpost
Five Year Old Security Vulnerability Patched in Linux Kernel
2014-05-15 11:05:41
cisa_kev
cisa_kev
Linux Kernel Race Condition Vulnerability
2023-05-12 00:00:00
seebug
seebug
Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
2014-07-01 00:00:00
exploitdb
exploitdb
Linux Kernel 3.14-rc1 &lt; 3.15-rc4 (x64) - Raw Mode PTY Echo Race Condition Privilege Escalation
2014-05-26 00:00:00

0.019 Low

EPSS

Percentile

87.2%

JSON
Related for SUSE-SU-2014:0683-1
openvas59nessus49osv2debian2suse2mageia10redhat11oraclelinux9securityvulns3centos2ubuntu14altlinux1veracode8ubuntucve3cve4zdt1attackerkb1android1canvas1exploitpack1f52prion4debiancve3amazon2threatpost1cisa_kev1seebug1exploitdb1