Home

CVE-2014-0196

Description

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the LECHO & !OPOST case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
61.763

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-2198-1) linux-image-3.2.0-61-generic_3.2.0-61.93_i386.debLinux
Linux kernel (USN-2198-1) linux-image-3.2.0-61-generic_3.2.0-61.93_amd64.debLinux
Linux kernel (USN-2198-1) linux-image-3.2.0-61-virtual_3.2.0-61.93_i386.debLinux
Linux kernel (USN-2198-1) linux-image-3.2.0-61-virtual_3.2.0-61.93_amd64.debLinux
Linux kernel (USN-2198-1) linux-image-3.2.0-61-generic-pae_3.2.0-61.93_i386.debLinux
Linux kernel (USN-2204-1) linux-image-3.13.0-24-generic_3.13.0-24.47_i386.debLinux
Linux kernel (USN-2204-1) linux-image-3.13.0-24-generic_3.13.0-24.47_amd64.debLinux
Linux kernel (USN-2204-1) linux-image-3.13.0-24-lowlatency_3.13.0-24.47_i386.debLinux
Linux kernel (USN-2204-1) linux-image-3.13.0-24-lowlatency_3.13.0-24.47_amd64.debLinux
Block storage devices (udeb) (USN-2260-1) linux-image-3.13.0-30-generic_3.13.0-30.55~precise1_i386.debLinux
Block storage devices (udeb) (USN-2260-1) linux-image-3.13.0-30-generic_3.13.0-30.55~precise1_amd64.debLinux
Dtrace-modules-3.8.13-35.el6uek update (ELSA-2014-3034) dtrace-modules-3.8.13-35.el6uek-0.4.3-4.el6.x86_64.rpmLinux
Dtrace-modules-headers update (ELSA-2014-3034) dtrace-modules-headers-0.4.3-4.el6.x86_64.rpmLinux
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability (CVE-2014-0196)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234