1. Home
  2. Vulnerabilities
  3. CVE-2014-0196

CVE-2014-0196

CVSS v2.0 6.9 (Medium)
69% Progress
EPSS 1.91 % (89th)
1.91% Progress
Affected Products 30
Advisories 52
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Weaknesses
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Related CVEs
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2014-05-07 10:55:04
(10 years ago)
Updated Date
2024-02-09 19:24:10
(7 months ago)
Linux Kernel Race Condition Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
Description
Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.
Required Action
The impacted product is end-of-life and should be disconnected if still in use.
Known to be Used in Ransomware Campaigns
Unknown
Notes
https://lkml.iu.edu/hypermail/linux/kernel/1609.1/02103.html; https://nvd.nist.gov/vuln/detail/CVE-2014-0196
Vendor
Linux
Product
Kernel
In CISA Catalog from
2023-05-12
(16 months ago)
Due Date
2023-06-02
(15 months ago)

Affected Products

Canonical

Debian

F5

Linux

Oracle

Redhat

Suse

Configuration #1

    CPE23 From Up To
  Linux Kernel above 2.6.31 version and prior 3.2.59 version cpe:2.3:o:linux:linux_kernel > 2.6.31 < 3.2.59
  Linux Kernel from 3.3 version and prior 3.4.91 version cpe:2.3:o:linux:linux_kernel >= 3.3 < 3.4.91
  Linux Kernel from 3.5 version and prior 3.10.40 version cpe:2.3:o:linux:linux_kernel >= 3.5 < 3.10.40
  Linux Kernel from 3.11 version and prior 3.12.20 version cpe:2.3:o:linux:linux_kernel >= 3.11 < 3.12.20
  Linux Kernel from 3.13 version and prior 3.14.4 version cpe:2.3:o:linux:linux_kernel >= 3.13 < 3.14.4
  Linux Kernel 2.6.31 cpe:2.3:o:linux:linux_kernel:2.6.31:-
  Linux Kernel 2.6.31 Rc3 cpe:2.3:o:linux:linux_kernel:2.6.31:rc3
  Linux Kernel 2.6.31 Rc4 cpe:2.3:o:linux:linux_kernel:2.6.31:rc4
  Linux Kernel 2.6.31 Rc5 cpe:2.3:o:linux:linux_kernel:2.6.31:rc5
  Linux Kernel 2.6.31 Rc6 cpe:2.3:o:linux:linux_kernel:2.6.31:rc6
  Linux Kernel 2.6.31 Rc7 cpe:2.3:o:linux:linux_kernel:2.6.31:rc7
  Linux Kernel 2.6.31 Rc8 cpe:2.3:o:linux:linux_kernel:2.6.31:rc8
  Linux Kernel 2.6.31 Rc9 cpe:2.3:o:linux:linux_kernel:2.6.31:rc9

Configuration #2

    CPE23 From Up To
  Debian Linux 6.0 cpe:2.3:o:debian:debian_linux:6.0
  Debian Linux 7.0 cpe:2.3:o:debian:debian_linux:7.0

Configuration #3

    CPE23 From Up To
  Redhat Enterprise Linux 6.0 cpe:2.3:o:redhat:enterprise_linux:6.0
  Redhat Enterprise Linux Eus 6.3 cpe:2.3:o:redhat:enterprise_linux_eus:6.3
  Redhat Enterprise Linux Eus 6.4 cpe:2.3:o:redhat:enterprise_linux_eus:6.4
  Redhat Enterprise Linux Server Eus 6.3 cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3

Configuration #4

    CPE23 From Up To
  Suse Linux Enterprise Desktop 11 SP3 For cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-
  Suse Linux Enterprise High Availability Extension 11 SP3 cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp3
  Suse Linux Enterprise Server 11 SP3 For cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-
  Suse Linux Enterprise Server 11 SP3 for Vmware cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware

Configuration #5

    CPE23 From Up To
  Oracle Linux 6 cpe:2.3:o:oracle:linux:6:-

Configuration #6

    CPE23 From Up To
  Canonical Ubuntu Linux 10.04 cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm
  Canonical Ubuntu Linux 12.10 cpe:2.3:o:canonical:ubuntu_linux:12.10
  Canonical Ubuntu Linux 13.10 cpe:2.3:o:canonical:ubuntu_linux:13.10
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm

Configuration #7

    CPE23 From Up To
  F5 Big-ip Access Policy Manager from 11.1.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_access_policy_manager >= 11.1.0 <= 11.5.1
  F5 Big-ip Advanced Firewall Manager from 11.3.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_advanced_firewall_manager >= 11.3.0 <= 11.5.1
  F5 Big-ip Analytics from 11.1.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_analytics >= 11.1.0 <= 11.5.1
  F5 Big-ip Application Acceleration Manager from 11.4.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_application_acceleration_manager >= 11.4.0 <= 11.5.1
  F5 Big-ip Application Security Manager from 11.1.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_application_security_manager >= 11.1.0 <= 11.5.1
  F5 Big-ip Edge Gateway from 11.1.0 version and 11.3.0 and prior versions cpe:2.3:a:f5:big-ip_edge_gateway >= 11.1.0 <= 11.3.0
  F5 Big-ip Global Traffic Manager from 11.1.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_global_traffic_manager >= 11.1.0 <= 11.5.1
  F5 Big-ip Link Controller from 11.1.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_link_controller >= 11.1.0 <= 11.5.1
  F5 Big-ip Local Traffic Manager from 11.1.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_local_traffic_manager >= 11.1.0 <= 11.5.1
  F5 Big-ip Policy Enforcement Manager from 11.3.0 version and 11.5.1 and prior versions cpe:2.3:a:f5:big-ip_policy_enforcement_manager >= 11.3.0 <= 11.5.1
  F5 Big-ip Protocol Security Module from 11.1.0 version and 11.4.1 and prior versions cpe:2.3:a:f5:big-ip_protocol_security_module >= 11.1.0 <= 11.4.1
  F5 Big-ip Wan Optimization Manager from 11.1.0 version and 11.3.0 and prior versions cpe:2.3:a:f5:big-ip_wan_optimization_manager >= 11.1.0 <= 11.3.0
  F5 Big-ip Webaccelerator from 11.1.0 version and 11.3.0 and prior versions cpe:2.3:a:f5:big-ip_webaccelerator >= 11.1.0 <= 11.3.0
  F5 Big-iq Application Delivery Controller 4.5.0 cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0
  F5 Big-iq Centralized Management 4.6.0 cpe:2.3:a:f5:big-iq_centralized_management:4.6.0
  F5 Big-iq Cloud from 4.0.0 version and 4.5.0 and prior versions cpe:2.3:a:f5:big-iq_cloud >= 4.0.0 <= 4.5.0
  F5 Big-iq Cloud And Orchestration 1.0.0 cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0
  F5 Big-iq Device from 4.2.0 version and 4.5.0 and prior versions cpe:2.3:a:f5:big-iq_device >= 4.2.0 <= 4.5.0
  F5 Big-iq Security from 4.0.0 version and 4.5.0 and prior versions cpe:2.3:a:f5:big-iq_security >= 4.0.0 <= 4.5.0
  F5 Enterprise Manager from 3.1.0 version and 3.1.1 and prior versions cpe:2.3:a:f5:enterprise_manager >= 3.1.0 <= 3.1.1