// For flags

CVE-2014-0196

Linux Kernel Race Condition Vulnerability

Severity Score

6.9
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

6
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

-
*SSVC
Descriptions

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.

La función n_tty_write en drivers/tty/n_tty.c en el kernel de Linux hasta 3.14.3 no maneja debidamente acceso al controlador tty en el caso 'LECHO & !OPOST', lo que permite a usuarios locales causar una denegación de servicio (consumo de memoria y caída de sistema) o ganar privilegios mediante la provocación de una condición de carrera involucrando operaciones de lectura y escritura con cadenas largas.

Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-03 CVE Reserved
  • 2014-05-06 CVE Published
  • 2014-05-13 First Exploit
  • 2023-05-12 Exploited in Wild
  • 2023-05-13 EPSS Updated
  • 2023-06-02 KEV Due Date
  • 2024-08-06 CVE Updated
CWE
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (31)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
> 2.6.31 < 3.2.59
Search vendor "Linux" for product "Linux Kernel" and version " > 2.6.31 < 3.2.59"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.3 < 3.4.91
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.91"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.5 < 3.10.40
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.10.40"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.11 < 3.12.20
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.12.20"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 3.13 < 3.14.4
Search vendor "Linux" for product "Linux Kernel" and version " >= 3.13 < 3.14.4"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
-
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
rc3
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
rc4
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
rc5
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
rc6
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
rc7
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
rc8
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
2.6.31
Search vendor "Linux" for product "Linux Kernel" and version "2.6.31"
rc9
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
6.0
Search vendor "Debian" for product "Debian Linux" and version "6.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
7.0
Search vendor "Debian" for product "Debian Linux" and version "7.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
6.0
Search vendor "Redhat" for product "Enterprise Linux" and version "6.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Eus
Search vendor "Redhat" for product "Enterprise Linux Eus"
6.3
Search vendor "Redhat" for product "Enterprise Linux Eus" and version "6.3"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Eus
Search vendor "Redhat" for product "Enterprise Linux Eus"
6.4
Search vendor "Redhat" for product "Enterprise Linux Eus" and version "6.4"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Server Eus
Search vendor "Redhat" for product "Enterprise Linux Server Eus"
6.3
Search vendor "Redhat" for product "Enterprise Linux Server Eus" and version "6.3"
-
Affected
Suse
Search vendor "Suse"
Suse Linux Enterprise Desktop
Search vendor "Suse" for product "Suse Linux Enterprise Desktop"
11
Search vendor "Suse" for product "Suse Linux Enterprise Desktop" and version "11"
sp3
Affected
Suse
Search vendor "Suse"
Suse Linux Enterprise High Availability Extension
Search vendor "Suse" for product "Suse Linux Enterprise High Availability Extension"
11
Search vendor "Suse" for product "Suse Linux Enterprise High Availability Extension" and version "11"
sp3
Affected
Suse
Search vendor "Suse"
Suse Linux Enterprise Server
Search vendor "Suse" for product "Suse Linux Enterprise Server"
11
Search vendor "Suse" for product "Suse Linux Enterprise Server" and version "11"
sp3
Affected
Suse
Search vendor "Suse"
Suse Linux Enterprise Server
Search vendor "Suse" for product "Suse Linux Enterprise Server"
11
Search vendor "Suse" for product "Suse Linux Enterprise Server" and version "11"
sp3, vmware
Affected
Oracle
Search vendor "Oracle"
Linux
Search vendor "Oracle" for product "Linux"
6
Search vendor "Oracle" for product "Linux" and version "6"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
10.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "10.04"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
esm
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
12.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.10"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
13.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "13.10"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
14.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"
esm
Affected
F5
Search vendor "F5"
Big-ip Access Policy Manager
Search vendor "F5" for product "Big-ip Access Policy Manager"
>= 11.1.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Access Policy Manager" and version " >= 11.1.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Advanced Firewall Manager
Search vendor "F5" for product "Big-ip Advanced Firewall Manager"
>= 11.3.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Advanced Firewall Manager" and version " >= 11.3.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Analytics
Search vendor "F5" for product "Big-ip Analytics"
>= 11.1.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Analytics" and version " >= 11.1.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Application Acceleration Manager
Search vendor "F5" for product "Big-ip Application Acceleration Manager"
>= 11.4.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 11.4.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Application Security Manager
Search vendor "F5" for product "Big-ip Application Security Manager"
>= 11.1.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Application Security Manager" and version " >= 11.1.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Edge Gateway
Search vendor "F5" for product "Big-ip Edge Gateway"
>= 11.1.0 <= 11.3.0
Search vendor "F5" for product "Big-ip Edge Gateway" and version " >= 11.1.0 <= 11.3.0"
-
Affected
F5
Search vendor "F5"
Big-ip Global Traffic Manager
Search vendor "F5" for product "Big-ip Global Traffic Manager"
>= 11.1.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Global Traffic Manager" and version " >= 11.1.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Link Controller
Search vendor "F5" for product "Big-ip Link Controller"
>= 11.1.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Link Controller" and version " >= 11.1.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Local Traffic Manager
Search vendor "F5" for product "Big-ip Local Traffic Manager"
>= 11.1.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Local Traffic Manager" and version " >= 11.1.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Policy Enforcement Manager
Search vendor "F5" for product "Big-ip Policy Enforcement Manager"
>= 11.3.0 <= 11.5.1
Search vendor "F5" for product "Big-ip Policy Enforcement Manager" and version " >= 11.3.0 <= 11.5.1"
-
Affected
F5
Search vendor "F5"
Big-ip Protocol Security Module
Search vendor "F5" for product "Big-ip Protocol Security Module"
>= 11.1.0 <= 11.4.1
Search vendor "F5" for product "Big-ip Protocol Security Module" and version " >= 11.1.0 <= 11.4.1"
-
Affected
F5
Search vendor "F5"
Big-ip Wan Optimization Manager
Search vendor "F5" for product "Big-ip Wan Optimization Manager"
>= 11.1.0 <= 11.3.0
Search vendor "F5" for product "Big-ip Wan Optimization Manager" and version " >= 11.1.0 <= 11.3.0"
-
Affected
F5
Search vendor "F5"
Big-ip Webaccelerator
Search vendor "F5" for product "Big-ip Webaccelerator"
>= 11.1.0 <= 11.3.0
Search vendor "F5" for product "Big-ip Webaccelerator" and version " >= 11.1.0 <= 11.3.0"
-
Affected
F5
Search vendor "F5"
Big-iq Application Delivery Controller
Search vendor "F5" for product "Big-iq Application Delivery Controller"
4.5.0
Search vendor "F5" for product "Big-iq Application Delivery Controller" and version "4.5.0"
-
Affected
F5
Search vendor "F5"
Big-iq Centralized Management
Search vendor "F5" for product "Big-iq Centralized Management"
4.6.0
Search vendor "F5" for product "Big-iq Centralized Management" and version "4.6.0"
-
Affected
F5
Search vendor "F5"
Big-iq Cloud
Search vendor "F5" for product "Big-iq Cloud"
>= 4.0.0 <= 4.5.0
Search vendor "F5" for product "Big-iq Cloud" and version " >= 4.0.0 <= 4.5.0"
-
Affected
F5
Search vendor "F5"
Big-iq Cloud And Orchestration
Search vendor "F5" for product "Big-iq Cloud And Orchestration"
1.0.0
Search vendor "F5" for product "Big-iq Cloud And Orchestration" and version "1.0.0"
-
Affected
F5
Search vendor "F5"
Big-iq Device
Search vendor "F5" for product "Big-iq Device"
>= 4.2.0 <= 4.5.0
Search vendor "F5" for product "Big-iq Device" and version " >= 4.2.0 <= 4.5.0"
-
Affected
F5
Search vendor "F5"
Big-iq Security
Search vendor "F5" for product "Big-iq Security"
>= 4.0.0 <= 4.5.0
Search vendor "F5" for product "Big-iq Security" and version " >= 4.0.0 <= 4.5.0"
-
Affected
F5
Search vendor "F5"
Enterprise Manager
Search vendor "F5" for product "Enterprise Manager"
>= 3.1.0 <= 3.1.1
Search vendor "F5" for product "Enterprise Manager" and version " >= 3.1.0 <= 3.1.1"
-
Affected