A vulnerability found in the Linux kernel, specifically a flaw with the pseudo tty (pty) device, allows an unprivileged user to cause a denial of service (system crash) or potentially gain administrator privileges. A small number of CentOS and Ubuntu versions are vulnerable, thus we want to highlight the following information:
Additional information for Ubuntu can be found here.
Additional information for CentOS can be found here.
We also have tutorials on How To Update the Kernel in CentOS / Red Hat and How To Check the Kernel Version in Linux / Ubuntu / CentOS.
MITRE CVE describes the issue as follows:
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
Further information on CVE-2014-0196 is available from the NIST NVD and MITRE CVE dictionary.
Related Articles:
About the Author: J. Mays
As a previous contributor, JMays shares his insight with our Knowledge Base center. In our Knowledge Base, you'll be able to find how-to articles on Ubuntu, CentOS, Fedora and much more!
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
How to Use React Spring
Read ArticleAccessing Man Pages on Ubuntu 16.04 LTS
Read ArticleTLS vs SSL: A Comparison
Read ArticlePremium Business Email Pricing FAQ
Read ArticleMicrosoft Exchange Server Security Update
Read Article