CVE-2014-0196 Vulnerability Info for CentOS and Ubuntu

Reading Time: < 1 minute

A vulnerability found in the Linux kernel, specifically a flaw with the pseudo tty (pty) device, allows an unprivileged user to cause a denial of service (system crash) or potentially gain administrator privileges. A small number of CentOS and Ubuntu versions are vulnerable, thus we want to highlight the following information:

Additional information for Ubuntu can be found here.

Additional information for CentOS can be found here.

We also have tutorials on How To Update the Kernel in CentOS / Red Hat and How To Check the Kernel Version in Linux / Ubuntu / CentOS.

MITRE CVE describes the issue as follows:

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Further information on CVE-2014-0196 is available from the NIST NVD and MITRE CVE dictionary.

About the Author: J. Mays

Have Some Questions?

Our Sales and Support teams are available 24 hours by phone or e-mail to assist.

1.800.580.4985
1.517.322.0434

Latest Articles

Using SMCIPMITool to Mount an ISO Image via IPMI

Read Article

Premium Business Email Pricing FAQ

Read Article

What is the Fortran Programming Language?

Read Article

Microsoft Exchange Server Security Update

Read Article

How to Monitor Your Server in WHM

Read Article