{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-29T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO & !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-05T14:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "USN-2203-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2203-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"}, {"name": "106646", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/106646"}, {"name": "SUSE-SU-2014:0683", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"}, {"name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"}, {"name": "59262", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/59262"}, {"name": "USN-2204-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2204-1"}, {"name": "59218", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/59218"}, {"name": "USN-2202-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2202-1"}, {"name": "33516", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/33516"}, {"name": "DSA-2928", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2928"}, {"name": "USN-2199-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2199-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"}, {"name": "USN-2197-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2197-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://source.android.com/security/bulletin/2016-07-01.html"}, {"name": "RHSA-2014:0512", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"}, {"name": "59599", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/59599"}, {"name": "DSA-2926", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2926"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"}, {"name": "SUSE-SU-2014:0667", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"}, {"tags": ["x_refsource_MISC"], "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"}, {"name": "USN-2198-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2198-1"}, {"name": "USN-2200-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2200-1"}, {"name": "USN-2201-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2201-1"}, {"name": "USN-2196-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2196-1"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:05:39.223Z"}, "title": "CVE Program Container", "references": [{"name": "USN-2203-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2203-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"}, {"name": "106646", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/106646"}, {"name": "SUSE-SU-2014:0683", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"}, {"name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"}, {"name": "59262", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/59262"}, {"name": "USN-2204-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2204-1"}, {"name": "59218", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/59218"}, {"name": "USN-2202-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2202-1"}, {"name": "33516", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/33516"}, {"name": "DSA-2928", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2928"}, {"name": "USN-2199-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2199-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"}, {"name": "USN-2197-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2197-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://source.android.com/security/bulletin/2016-07-01.html"}, {"name": "RHSA-2014:0512", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"}, {"name": "59599", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/59599"}, {"name": "DSA-2926", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2926"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"}, {"name": "SUSE-SU-2014:0667", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"}, {"name": "USN-2198-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2198-1"}, {"name": "USN-2200-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2200-1"}, {"name": "USN-2201-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2201-1"}, {"name": "USN-2196-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2196-1"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-362", "lang": "en", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-07T13:36:55.768079Z", "id": "CVE-2014-0196", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-05-12", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-0196"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T13:36:58.638Z"}}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0196", "datePublished": "2014-05-07T10:00:00.000Z", "dateReserved": "2013-12-03T00:00:00.000Z", "dateUpdated": "2025-02-07T13:36:58.638Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.ubuntu.com/usn/USN-2203-1", "name": "USN-2203-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.osvdb.org/106646", "name": "106646", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html", "name": "SUSE-SU-2014:0683", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6", "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "http://secunia.com/advisories/59262", "name": "59262", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2204-1", "name": "USN-2204-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://secunia.com/advisories/59218", "name": "59218", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2202-1", "name": "USN-2202-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://www.exploit-db.com/exploits/33516", "name": "33516", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"]}, {"url": "http://www.debian.org/security/2014/dsa-2928", "name": "DSA-2928", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2199-1", "name": "USN-2199-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2197-1", "name": "USN-2197-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://source.android.com/security/bulletin/2016-07-01.html", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html", "name": "RHSA-2014:0512", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "http://secunia.com/advisories/59599", "name": "59599", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://www.debian.org/security/2014/dsa-2926", "name": "DSA-2926", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"]}, {"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html", "name": "SUSE-SU-2014:0667", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"]}, {"url": "http://pastebin.com/raw.php?i=yTSFUBgZ", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2198-1", "name": "USN-2198-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2200-1", "name": "USN-2200-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2201-1", "name": "USN-2201-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}, {"url": "http://www.ubuntu.com/usn/USN-2196-1", "name": "USN-2196-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:05:39.223Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2014-0196", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-07T13:36:55.768079Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-05-12", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-0196"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T13:25:01.943Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-29T00:00:00.000Z", "references": [{"url": "http://www.ubuntu.com/usn/USN-2203-1", "name": "USN-2203-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.osvdb.org/106646", "name": "106646", "tags": ["vdb-entry", "x_refsource_OSVDB"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html", "name": "SUSE-SU-2014:0683", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6", "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "http://secunia.com/advisories/59262", "name": "59262", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://www.ubuntu.com/usn/USN-2204-1", "name": "USN-2204-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://secunia.com/advisories/59218", "name": "59218", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://www.ubuntu.com/usn/USN-2202-1", "name": "USN-2202-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://www.exploit-db.com/exploits/33516", "name": "33516", "tags": ["exploit", "x_refsource_EXPLOIT-DB"]}, {"url": "http://www.debian.org/security/2014/dsa-2928", "name": "DSA-2928", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "http://www.ubuntu.com/usn/USN-2199-1", "name": "USN-2199-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.ubuntu.com/usn/USN-2197-1", "name": "USN-2197-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://source.android.com/security/bulletin/2016-07-01.html", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html", "name": "RHSA-2014:0512", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "http://secunia.com/advisories/59599", "name": "59599", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://www.debian.org/security/2014/dsa-2926", "name": "DSA-2926", "tags": ["vendor-advisory", "x_refsource_DEBIAN"]}, {"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html", "name": "SUSE-SU-2014:0667", "tags": ["vendor-advisory", "x_refsource_SUSE"]}, {"url": "http://pastebin.com/raw.php?i=yTSFUBgZ", "tags": ["x_refsource_MISC"]}, {"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690", "tags": ["x_refsource_CONFIRM"]}, {"url": "http://www.ubuntu.com/usn/USN-2198-1", "name": "USN-2198-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://www.ubuntu.com/usn/USN-2200-1", "name": "USN-2200-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://www.ubuntu.com/usn/USN-2201-1", "name": "USN-2201-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}, {"url": "http://www.ubuntu.com/usn/USN-2196-1", "name": "USN-2196-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"]}], "descriptions": [{"lang": "en", "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO & !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2017-01-05T14:57:01.000Z"}}}, "cveMetadata": {"cveId": "CVE-2014-0196", "state": "PUBLISHED", "dateUpdated": "2025-02-07T13:36:58.638Z", "dateReserved": "2013-12-03T00:00:00.000Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2014-05-07T10:00:00.000Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cisaActionDue": "2023-06-02", "cisaExploitAdd": "2023-05-12", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Linux Kernel Race Condition Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFDB0B31-FFF7-471B-9352-29099002BED7", "versionEndExcluding": "3.2.59", "versionStartExcluding": "2.6.31", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "992BFD6A-701C-4412-9220-F6C77B4E64F3", "versionEndExcluding": "3.4.91", "versionStartIncluding": "3.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "287DC65B-A513-4FB9-A1CF-69F428030DF8", "versionEndExcluding": "3.10.40", "versionStartIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D82F8C94-5FA7-4A7A-8855-ECF21B3BBD42", "versionEndExcluding": "3.12.20", "versionStartIncluding": "3.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9996644C-371E-49B9-A494-733B1EA513EC", "versionEndExcluding": "3.14.4", "versionStartIncluding": "3.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:*", "matchCriteriaId": "2887290A-1B43-4DB9-A9D0-B0B56CD78E48", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*", "matchCriteriaId": "A2507858-675B-4DA2-A49E-00DB54700CF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*", "matchCriteriaId": "0A25EA55-3F1C-440C-A383-0BB9556C9508", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*", "matchCriteriaId": "B2665356-4EF5-4543-AD15-67FDB851DCCD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*", "matchCriteriaId": "26E7609B-B058-496D-ACDD-7F69FBDE89E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*", "matchCriteriaId": "210BF049-8B3C-4ACC-BF8E-2C3551477602", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*", "matchCriteriaId": "1837F32C-80D3-4E10-AE5D-E9F5A11A434E", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*", "matchCriteriaId": "4B4E132B-A69A-4CD1-B4D9-E17C4361A3AC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "8382A145-CDD9-437E-9DE7-A349956778B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "413CC30E-5FFE-47A4-B38B-80E3A9B13238", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*", "matchCriteriaId": "DD41513F-36F9-459C-A0CB-26C025E63CDD", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "B39F3060-6F9E-4F20-8924-FEF5ED8A30CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*", "matchCriteriaId": "B2866FAF-4340-4EA7-9009-6594ADA27AF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "matchCriteriaId": "0EA03350-8702-43D5-8605-5FB765A3F60B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F315708-017C-4362-9C09-6774F89D9370", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "48BBEF73-E87D-467F-85EB-47BE212DF0E8", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "A430FFB4-418C-43DA-8E17-020618A77A56", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "C483253F-841E-4D4E-9B4A-932E9D07268B", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A0CC74C-6914-4A6F-A1CE-65A695AE31F6", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FF30167-0241-4136-82F8-2D2FB545C19A", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "54A45725-FECD-4CA9-BFA4-E13FCDFDDF13", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C596B3F-9D93-49D2-99D7-D590CC9AEAA5", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8696A6B-1B56-43B5-A506-21E17735B9CA", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9A06D61-E6CB-4A8A-B06D-9FEA1812C167", "versionEndIncluding": "11.5.1", "versionStartIncluding": "11.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C666A18-9DED-4B49-92DE-474403FC17BF", "versionEndIncluding": "11.4.1", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6B52D60-38DB-4BE9-91F4-B6553F5E5A93", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1E3204F-9464-4AC3-819B-D1A6B399FAE3", "versionEndIncluding": "11.3.0", "versionStartIncluding": "11.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "24AEF0B2-7C8C-432C-A840-C2441A70343F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C8BF865-BA45-4711-829F-EC8E5EA22D2F", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E21D6206-4716-47FE-A733-F18343656E94", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B3E56EB-202A-4F58-8E94-B2DDA1693498", "versionEndIncluding": "4.5.0", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C580F19-AF18-49EE-89FF-8C4F5C88314D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D5F5FEE7-059A-4A9B-BCCD-18F0AA435040", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO & !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."}, {"lang": "es", "value": "La funci\u00f3n n_tty_write en drivers/tty/n_tty.c en el kernel de Linux hasta 3.14.3 no maneja debidamente acceso al controlador tty en el caso 'LECHO & !OPOST', lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de sistema) o ganar privilegios mediante la provocaci\u00f3n de una condici\u00f3n de carrera involucrando operaciones de lectura y escritura con cadenas largas."}], "id": "CVE-2014-0196", "lastModified": "2025-02-07T14:15:36.983", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2014-05-07T10:55:04.337", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Permissions Required", "Third Party Advisory"], "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"}, {"source": "secalert@redhat.com", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/59218"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/59262"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/59599"}, {"source": "secalert@redhat.com", "tags": ["Not Applicable"], "url": "http://source.android.com/security/bulletin/2016-07-01.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2926"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2928"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/33516"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"}, {"source": "secalert@redhat.com", "tags": ["Broken Link"], "url": "http://www.osvdb.org/106646"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2196-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2197-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2198-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2199-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2200-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2201-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2202-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2203-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2204-1"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Permissions Required", "Third Party Advisory"], "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/59218"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/59262"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/59599"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://source.android.com/security/bulletin/2016-07-01.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2926"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2928"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.exploit-db.com/exploits/33516"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.osvdb.org/106646"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2196-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2197-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2198-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2199-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2200-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2201-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2202-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2203-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2204-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-362"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2013:0744", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-358.6.1.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-04-23T00:00:00Z"}, {"advisory": "RHSA-2014:0520", "cpe": "cpe:/o:redhat:rhel_mission_critical:6.2", "package": "kernel-0:2.6.32-220.51.1.el6", "product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support", "release_date": "2014-05-20T00:00:00Z"}, {"advisory": "RHSA-2014:0512", "cpe": "cpe:/o:redhat:rhel_eus:6.3", "package": "kernel-0:2.6.32-279.43.2.el6", "product_name": "Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only", "release_date": "2014-05-19T00:00:00Z"}, {"advisory": "RHSA-2014:0678", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-123.1.2.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2014-06-10T00:00:00Z"}, {"advisory": "RHSA-2014:0557", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-0:3.10.33-rt32.34.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2014-05-27T00:00:00Z"}], "bugzilla": {"description": "kernel: pty layer race condition leading to memory corruption", "id": "1094232", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"}, "csaw": false, "cvss": {"cvss_base_score": "6.9", "cvss_scoring_vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "status": "verified"}, "details": ["The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO & !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."], "name": "CVE-2014-0196", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2014-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-0196\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-0196\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "This issue did not affect the versions of the Linux kernel packages as shipped with Red Hat Enterprise Linux 5.\nThis issue affected the versions of the Linux kernel packages as shipped with Red Hat Enterprise Linux 6 prior to version kernel-2.6.32-358.6.1.el6, released via RHSA-2013:0744 (https://rhn.redhat.com/errata/RHSA-2013-0744.html). That update added a backport of the upstream commit c56a00a165, which avoided this issue.\nThis flaw requires local system access to be exploited. We are currently not aware of any working exploit for Red Hat Enterprise Linux 6 or Red Hat Enterprise MRG 2.", "threat_severity": "Important"}