ELSA-2014-0678

Опубликовано: 20 июл. 2014

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2014-0678: kernel security update (IMPORTANT)

[3.10.0-123.1.2]

Oracle Linux certificates (Alexey Petrenko)

[3.10.0-123.1.2]

[tty] n_tty: Fix n_tty_write crash when echoing in raw mode (Aristeu Rozanski) [1094241 1094242] {CVE-2014-0196}

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

kernel

3.10.0-123.1.2.el7

kernel-abi-whitelists

3.10.0-123.1.2.el7

kernel-debug

3.10.0-123.1.2.el7

kernel-debug-devel

3.10.0-123.1.2.el7

kernel-devel

3.10.0-123.1.2.el7

kernel-doc

3.10.0-123.1.2.el7

kernel-headers

3.10.0-123.1.2.el7

kernel-tools

3.10.0-123.1.2.el7

kernel-tools-libs

3.10.0-123.1.2.el7

kernel-tools-libs-devel

3.10.0-123.1.2.el7

perf

3.10.0-123.1.2.el7

python-perf

3.10.0-123.1.2.el7

Связанные CVE

CVE-2014-0196

Ссылки на источники

Связанные уязвимости

CVE-2014-0196

CVSS3: 5.5

ubuntu

около 11 лет назад

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.