CVE-2014-0196 Vulnerability Info for CentOS and Ubuntu

Posted on by J. Mays | Updated:
Reading Time: < 1 minute

A vulnerability found in the Linux kernel, specifically a flaw with the pseudo tty (pty) device, allows an unprivileged user to cause a denial of service (system crash) or potentially gain administrator privileges. A small number of CentOS and Ubuntu versions are vulnerable, thus we want to highlight the following information:

Additional information for Ubuntu can be found here.

Additional information for CentOS can be found here.

We also have tutorials on How To Update the Kernel in CentOS / Red Hat and How To Check the Kernel Version in Linux / Ubuntu / CentOS.

MITRE CVE describes the issue as follows:

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

Further information on CVE-2014-0196 is available from the NIST NVD and MITRE CVE dictionary.

Avatar for J. Mays

About the Author: J. Mays

As a previous contributor, JMays shares his insight with our Knowledge Base center. In our Knowledge Base, you'll be able to find how-to articles on Ubuntu, CentOS, Fedora and much more!

Latest Articles

Controlling PHP settings with a custom php.ini file

Read Article

How to install Puppet Server on Linux (AlmaLinux)

Read Article

Email security best practices for using SPF, DKIM, and DMARC

Read Article

Linux dos2unix command syntax — removing hidden Windows characters from files

Read Article

Change cPanel password from WebHost Manager (WHM)

Read Article