The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.Further information on CVE-2014-0196 is available from the NIST NVD and MITRE CVE dictionary.
Reading Time: < 1 minuteA vulnerability found in the Linux kernel, specifically a flaw with the pseudo tty (pty) device, allows an unprivileged user to cause a denial of service (system crash) or potentially gain administrator privileges. A small number of CentOS and Ubuntu versions are vulnerable, thus we want to highlight the following information: Additional information for Ubuntu can be found here. Additional information for CentOS can be found here. We also have tutorials on How To Update the Kernel in CentOS / Red Hat and How To Check the Kernel Version in Linux / Ubuntu / CentOS. MITRE CVE describes the issue as follows: