CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
88.6%
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through
3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST”
case, which allows local users to cause a denial of service (memory
corruption and system crash) or gain privileges by triggering a race
condition involving read and write operations with long strings.
Author | Note |
---|---|
jdstrand | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | linux | < 2.6.32-58.121 | UNKNOWN |
ubuntu | 12.04 | noarch | linux | < 3.2.0-61.93 | UNKNOWN |
ubuntu | 12.10 | noarch | linux | < 3.5.0-49.74 | UNKNOWN |
ubuntu | 13.10 | noarch | linux | < 3.11.0-20.35 | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < 3.13.0-24.47 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-armadaxp | < 3.2.0-1633.47 | UNKNOWN |
ubuntu | 10.04 | noarch | linux-ec2 | < 2.6.32-363.77 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-quantal | < 3.5.0-49.74~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-raring | < 3.8.0-39.58~precise1 | UNKNOWN |
ubuntu | 12.04 | noarch | linux-lts-saucy | < 3.11.0-20.35~precise1 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2014-0196
nvd.nist.gov/vuln/detail/CVE-2014-0196
security-tracker.debian.org/tracker/CVE-2014-0196
ubuntu.com/security/notices/USN-2196-1
ubuntu.com/security/notices/USN-2197-1
ubuntu.com/security/notices/USN-2198-1
ubuntu.com/security/notices/USN-2199-1
ubuntu.com/security/notices/USN-2200-1
ubuntu.com/security/notices/USN-2201-1
ubuntu.com/security/notices/USN-2202-1
ubuntu.com/security/notices/USN-2203-1
ubuntu.com/security/notices/USN-2204-1
ubuntu.com/security/notices/USN-2227-1
ubuntu.com/security/notices/USN-2260-1
www.cve.org/CVERecord?id=CVE-2014-0196