[CVE-2014-0196] Linux Kernel Race Condition Vulnerability

SecurityDesk
2023.05.12 00:00 조회 10

CISA KEV 정보

취약점명Linux Kernel Race Condition Vulnerability
설명Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.
조치사항The impacted product is end-of-life and should be disconnected if still in use.
랜섬웨어 캠페인 악용Unknown
CWECWE-362
등록일 (KEV)2023-05-12
조치 기한2023-06-02
추가 참고https://lkml.iu.edu/hypermail/linux/kernel/1609.1/02103.html; https://nvd.nist.gov/vuln/detail/CVE-2014-0196

NVD 상세 정보

CVSS v3.1: 5.5 MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS v2.0: 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C

설명: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

CWE: CWE-362 | CWE-362

참조

This product uses the NVD API but is not endorsed or certified by the NVD.



바로 가기

← 목록으로 돌아가기

IT 도구 서랍

→ Unix: 2025-01-15T09:30:00
→ 날짜: 1736934600

→ ASCII: ABC
→ 문자: 65 66 67

ASCII 코드표 — 클릭하면 입력란에 추가

제어 문자 (0–31)

DecHex약어설명

출력 가능 문자 (32–126)

DecHex문자

확장 ASCII (128–255)

DecHex문자

→ 유니코드: 홍길동
→ 문자: \ud64d\uae38\ub3d9