VAR-201405-0243
Vulnerability from variot - Updated: 2025-12-22 23:22The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. The NFSv4 implementation is one of the distributed file system protocols. The vulnerability is caused by the program not properly managing the access rights of the tty driver. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2014-0196
Jiri Slaby discovered a race condition in the pty layer, which could lead
to a denial of service or privilege escalation. This could result
in a privilege escalation.
For the oldstable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze6.
The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:
Debian 6.0 (squeeze)
user-mode-linux 2.6.32-1um-4+48squeeze6
We recommend that you upgrade your linux-2.6 and user-mode-linux packages. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or "leap-frog" fashion. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security update Advisory ID: RHSA-2014:0512-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-0512.html Issue date: 2014-05-19 CVE Names: CVE-2014-0196 =====================================================================
- Summary:
Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 6.3 Extended Update Support.
The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Compute Node EUS (v. 6.3) - noarch, x86_64 Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.3) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
- A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline (LDISC) implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-0196, Important)
All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.
- Bugs fixed (https://bugzilla.redhat.com/):
1094232 - CVE-2014-0196 kernel: pty layer race condition leading to memory corruption
- Package List:
Red Hat Enterprise Linux Compute Node EUS (v. 6.3):
Source: kernel-2.6.32-279.43.2.el6.src.rpm
noarch: kernel-doc-2.6.32-279.43.2.el6.noarch.rpm kernel-firmware-2.6.32-279.43.2.el6.noarch.rpm
x86_64: kernel-2.6.32-279.43.2.el6.x86_64.rpm kernel-debug-2.6.32-279.43.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm kernel-devel-2.6.32-279.43.2.el6.x86_64.rpm kernel-headers-2.6.32-279.43.2.el6.x86_64.rpm perf-2.6.32-279.43.2.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3):
Source: kernel-2.6.32-279.43.2.el6.src.rpm
x86_64: kernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm python-perf-2.6.32-279.43.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.3):
Source: kernel-2.6.32-279.43.2.el6.src.rpm
i386: kernel-2.6.32-279.43.2.el6.i686.rpm kernel-debug-2.6.32-279.43.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-279.43.2.el6.i686.rpm kernel-debug-devel-2.6.32-279.43.2.el6.i686.rpm kernel-debuginfo-2.6.32-279.43.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.43.2.el6.i686.rpm kernel-devel-2.6.32-279.43.2.el6.i686.rpm kernel-headers-2.6.32-279.43.2.el6.i686.rpm perf-2.6.32-279.43.2.el6.i686.rpm perf-debuginfo-2.6.32-279.43.2.el6.i686.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.i686.rpm
noarch: kernel-doc-2.6.32-279.43.2.el6.noarch.rpm kernel-firmware-2.6.32-279.43.2.el6.noarch.rpm
ppc64: kernel-2.6.32-279.43.2.el6.ppc64.rpm kernel-bootwrapper-2.6.32-279.43.2.el6.ppc64.rpm kernel-debug-2.6.32-279.43.2.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm kernel-debug-devel-2.6.32-279.43.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-279.43.2.el6.ppc64.rpm kernel-devel-2.6.32-279.43.2.el6.ppc64.rpm kernel-headers-2.6.32-279.43.2.el6.ppc64.rpm perf-2.6.32-279.43.2.el6.ppc64.rpm perf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm
s390x: kernel-2.6.32-279.43.2.el6.s390x.rpm kernel-debug-2.6.32-279.43.2.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-279.43.2.el6.s390x.rpm kernel-debug-devel-2.6.32-279.43.2.el6.s390x.rpm kernel-debuginfo-2.6.32-279.43.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-279.43.2.el6.s390x.rpm kernel-devel-2.6.32-279.43.2.el6.s390x.rpm kernel-headers-2.6.32-279.43.2.el6.s390x.rpm kernel-kdump-2.6.32-279.43.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-279.43.2.el6.s390x.rpm kernel-kdump-devel-2.6.32-279.43.2.el6.s390x.rpm perf-2.6.32-279.43.2.el6.s390x.rpm perf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm
x86_64: kernel-2.6.32-279.43.2.el6.x86_64.rpm kernel-debug-2.6.32-279.43.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm kernel-devel-2.6.32-279.43.2.el6.x86_64.rpm kernel-headers-2.6.32-279.43.2.el6.x86_64.rpm perf-2.6.32-279.43.2.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.3):
Source: kernel-2.6.32-279.43.2.el6.src.rpm
i386: kernel-debug-debuginfo-2.6.32-279.43.2.el6.i686.rpm kernel-debuginfo-2.6.32-279.43.2.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-279.43.2.el6.i686.rpm perf-debuginfo-2.6.32-279.43.2.el6.i686.rpm python-perf-2.6.32-279.43.2.el6.i686.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.i686.rpm
ppc64: kernel-debug-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm kernel-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-279.43.2.el6.ppc64.rpm perf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm python-perf-2.6.32-279.43.2.el6.ppc64.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm
s390x: kernel-debug-debuginfo-2.6.32-279.43.2.el6.s390x.rpm kernel-debuginfo-2.6.32-279.43.2.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-279.43.2.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-279.43.2.el6.s390x.rpm perf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm python-perf-2.6.32-279.43.2.el6.s390x.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm
x86_64: kernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm python-perf-2.6.32-279.43.2.el6.x86_64.rpm python-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2014-0196.html https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFTeevHXlSAg2UNWIIRAra4AKCEmAyOKgOMKTcKEcfb2+w6TC/mFwCfWvev EOGe9kl4ZMaNGsVrs9ShD4E= =vPRc -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-2227-1 May 27, 2014
linux-ti-omap4 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in the kernel. (CVE-2014-0196)
Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. (CVE-2014-1738)
Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. (CVE-2014-1737)
A flaw was discovered in the Linux kernel's IPC reference counting. (CVE-2013-4483)
Al Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. (CVE-2014-0069)
A flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)
A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)
A flaw was discovered in the handling of routing information in Linux kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)
An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)
Max Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)
An error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. (CVE-2014-2678)
Yaara Rozenblum discovered a race condition in the Linux kernel's Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)
A flaw was discovered in the Linux kernel's ping sockets. (CVE-2014-2851)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: linux-image-3.2.0-1446-omap4 3.2.0-1446.65
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mandriva Linux Security Advisory MDVSA-2014:124 http://www.mandriva.com/en/support/security/
Package : kernel Date : June 13, 2014 Affected: Business Server 1.0
Problem Description:
Multiple vulnerabilities has been found and corrected in the Linux kernel:
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number (CVE-2014-3917).
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification (CVE-2014-3153). NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced (CVE-2014-3144). NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced (CVE-2014-3145).
Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897).
The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk (CVE-2014-0101).
The updated packages provides a solution for these security issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2137 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1874 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2039 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2309 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2672 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2851 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917
Updated Packages:
Mandriva Business Server 1/X86_64: d4a1665d801553272f379aa8190d7208 mbs1/x86_64/cpupower-3.4.93-1.1.mbs1.x86_64.rpm dac586e9467ccffcb0f03d7d6902c714 mbs1/x86_64/kernel-firmware-3.4.93-1.1.mbs1.noarch.rpm d67bdbd6148b7e7f187244fc2fb17629 mbs1/x86_64/kernel-headers-3.4.93-1.1.mbs1.src.rpm 6f011d528d57e6bfe3f348e124cc11d5 mbs1/x86_64/kernel-headers-3.4.93-1.1.mbs1.x86_64.rpm 6d7935addb463a2dc0cec144390f0786 mbs1/x86_64/kernel-server-3.4.93-1.1.mbs1.x86_64.rpm c013f3a9ae5f48694d91bfac81169c67 mbs1/x86_64/kernel-server-devel-3.4.93-1.1.mbs1.x86_64.rpm 87c7893b5fdfed6d766cac365e78f213 mbs1/x86_64/kernel-source-3.4.93-1.mbs1.noarch.rpm 298e025c2b05845d67efc4566db3d152 mbs1/x86_64/lib64cpupower0-3.4.93-1.1.mbs1.x86_64.rpm 45e43387ed27d1281fe5b15304f796f6 mbs1/x86_64/lib64cpupower-devel-3.4.93-1.1.mbs1.x86_64.rpm 3a74f07a429ea1b403d676f73b7ecbf9 mbs1/x86_64/perf-3.4.93-1.1.mbs1.x86_64.rpm bd6bd37cd3ff3b6844b04821d6da2779 mbs1/SRPMS/cpupower-3.4.93-1.1.mbs1.src.rpm 88c98d0723446a0717159574e06d9e3b mbs1/SRPMS/kernel-firmware-3.4.93-1.1.mbs1.src.rpm 7a84b2886c92e812943c76b2faafd068 mbs1/SRPMS/kernel-server-3.4.93-1.1.mbs1.src.rpm 7a431cec5f9862815f4d92f2ca1f8d9d mbs1/SRPMS/kernel-source-3.4.93-1.mbs1.src.rpm 65654157eb504295dbd05676ed40c968 mbs1/SRPMS/perf-3.4.93-1.1.mbs1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTmvH3mqjQ0CJFipgRAjgaAKDtCfvK/cukQMyPkhdgllxaobQHFQCdHoJo g42VcK2YoEgcX9BPP3/zfWg= =4uZg -----END PGP SIGNATURE----- . (CVE-2014-2851)
Sasha Levin reported a bug in the Linux kernel's virtual memory management subsystem
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-iq centralized management",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.6.0"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.11"
},
{
"model": "big-iq cloud",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq device",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.2.0"
},
{
"model": "linux enterprise high availability extension",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.5"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip wan optimization manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "big-ip protocol security module",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.31"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "big-iq device",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "10.04"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq security",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.3"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "7.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "3.13"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip protocol security module",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.1"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.10"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.14.4"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.2.59"
},
{
"model": "big-iq application delivery controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-iq security",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.5.0"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.4"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "13.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "11"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "big-ip wan optimization manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.3"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "big-iq cloud",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.3"
},
{
"model": "big-iq cloud and orchestration",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "1.0.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.10.40"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "kernel",
"scope": "gt",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.31"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "6.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.3.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.4.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.1.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.4.91"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.12.20"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.1"
},
{
"model": "kernel",
"scope": "lte",
"trust": 0.8,
"vendor": "linux",
"version": "3.14.3"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.55"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.2.7"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.56"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.61"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.64"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.60"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.62"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.63"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.53"
},
{
"model": "kernel",
"scope": "eq",
"trust": 0.6,
"vendor": "linux",
"version": "3.0.54"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:linux:linux_kernel",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126507"
},
{
"db": "PACKETSTORM",
"id": "126503"
},
{
"db": "PACKETSTORM",
"id": "126512"
},
{
"db": "PACKETSTORM",
"id": "127253"
}
],
"trust": 0.5
},
"cve": "CVE-2014-0196",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2014-0196",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-67689",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2014-0196",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0196",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2014-0196",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-0196",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-092",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-67689",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67689"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"db": "NVD",
"id": "CVE-2014-0196"
},
{
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. The NFSv4 implementation is one of the distributed file system protocols. The vulnerability is caused by the program not properly managing the access rights of the tty driver. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2014-0196\n\n Jiri Slaby discovered a race condition in the pty layer, which could lead\n to a denial of service or privilege escalation. This could result\n in a privilege escalation. \n\nFor the oldstable distribution (squeeze), this problem has been fixed in\nversion 2.6.32-48squeeze6. \n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 6.0 (squeeze)\n user-mode-linux 2.6.32-1um-4+48squeeze6\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages. \nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or \"leap-frog\" fashion. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security update\nAdvisory ID: RHSA-2014:0512-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2014-0512.html\nIssue date: 2014-05-19\nCVE Names: CVE-2014-0196 \n=====================================================================\n\n1. Summary:\n\nUpdated kernel packages that fix one security issue are now available for\nRed Hat Enterprise Linux 6.3 Extended Update Support. \n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Compute Node EUS (v. 6.3) - noarch, x86_64\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) - x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.3) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\n* A race condition flaw, leading to heap-based buffer overflows, was found\nin the way the Linux kernel\u0027s N_TTY line discipline (LDISC) implementation\nhandled concurrent processing of echo output and TTY write operations\noriginating from user space when the underlying TTY driver was PTY. \nAn unprivileged, local user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-0196,\nImportant)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. The system must be\nrebooted for this update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not use\n\"rpm -Uvh\" as that will remove the running kernel binaries from your\nsystem. You may use \"rpm -e\" to remove old kernels after determining that\nthe new kernel functions properly on your system. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1094232 - CVE-2014-0196 kernel: pty layer race condition leading to memory corruption\n\n6. Package List:\n\nRed Hat Enterprise Linux Compute Node EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.2.el6.src.rpm\n\nnoarch:\nkernel-doc-2.6.32-279.43.2.el6.noarch.rpm\nkernel-firmware-2.6.32-279.43.2.el6.noarch.rpm\n\nx86_64:\nkernel-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debug-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-devel-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-headers-2.6.32-279.43.2.el6.x86_64.rpm\nperf-2.6.32-279.43.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.2.el6.src.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\npython-perf-2.6.32-279.43.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.2.el6.src.rpm\n\ni386:\nkernel-2.6.32-279.43.2.el6.i686.rpm\nkernel-debug-2.6.32-279.43.2.el6.i686.rpm\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.i686.rpm\nkernel-debug-devel-2.6.32-279.43.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-279.43.2.el6.i686.rpm\nkernel-devel-2.6.32-279.43.2.el6.i686.rpm\nkernel-headers-2.6.32-279.43.2.el6.i686.rpm\nperf-2.6.32-279.43.2.el6.i686.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.i686.rpm\n\nnoarch:\nkernel-doc-2.6.32-279.43.2.el6.noarch.rpm\nkernel-firmware-2.6.32-279.43.2.el6.noarch.rpm\n\nppc64:\nkernel-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-bootwrapper-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-debug-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-debug-devel-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-devel-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-headers-2.6.32-279.43.2.el6.ppc64.rpm\nperf-2.6.32-279.43.2.el6.ppc64.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\n\ns390x:\nkernel-2.6.32-279.43.2.el6.s390x.rpm\nkernel-debug-2.6.32-279.43.2.el6.s390x.rpm\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\nkernel-debug-devel-2.6.32-279.43.2.el6.s390x.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-279.43.2.el6.s390x.rpm\nkernel-devel-2.6.32-279.43.2.el6.s390x.rpm\nkernel-headers-2.6.32-279.43.2.el6.s390x.rpm\nkernel-kdump-2.6.32-279.43.2.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\nkernel-kdump-devel-2.6.32-279.43.2.el6.s390x.rpm\nperf-2.6.32-279.43.2.el6.s390x.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\n\nx86_64:\nkernel-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debug-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debug-devel-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-devel-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-headers-2.6.32-279.43.2.el6.x86_64.rpm\nperf-2.6.32-279.43.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.3):\n\nSource:\nkernel-2.6.32-279.43.2.el6.src.rpm\n\ni386:\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.i686.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.i686.rpm\nkernel-debuginfo-common-i686-2.6.32-279.43.2.el6.i686.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.i686.rpm\npython-perf-2.6.32-279.43.2.el6.i686.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.i686.rpm\n\nppc64:\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\nkernel-debuginfo-common-ppc64-2.6.32-279.43.2.el6.ppc64.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\npython-perf-2.6.32-279.43.2.el6.ppc64.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.ppc64.rpm\n\ns390x:\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\nkernel-debuginfo-common-s390x-2.6.32-279.43.2.el6.s390x.rpm\nkernel-kdump-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\npython-perf-2.6.32-279.43.2.el6.s390x.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.s390x.rpm\n\nx86_64:\nkernel-debug-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\nkernel-debuginfo-common-x86_64-2.6.32-279.43.2.el6.x86_64.rpm\nperf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\npython-perf-2.6.32-279.43.2.el6.x86_64.rpm\npython-perf-debuginfo-2.6.32-279.43.2.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2014-0196.html\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2014 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFTeevHXlSAg2UNWIIRAra4AKCEmAyOKgOMKTcKEcfb2+w6TC/mFwCfWvev\nEOGe9kl4ZMaNGsVrs9ShD4E=\n=vPRc\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ============================================================================\nUbuntu Security Notice USN-2227-1\nMay 27, 2014\n\nlinux-ti-omap4 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the kernel. \n(CVE-2014-0196)\n\nMatthew Daley reported an information leak in the floppy disk driver of the\nLinux kernel. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel\u0027s IPC reference counting. (CVE-2013-4483)\n\nAl Viro discovered an error in how CIFS in the Linux kernel handles\nuncached write operations. \n(CVE-2014-0069)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel\u0027s handling of the SCTP handshake. \nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel\u0027s IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u0027s DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. This race could be exploited by remote attackers to\ncause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. \n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u0027s Generic\nIEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u0027s ping sockets. \n(CVE-2014-2851)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n linux-image-3.2.0-1446-omap4 3.2.0-1446.65\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. Unless you\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\nlinux-server, linux-powerpc), a standard system upgrade will automatically\nperform this as well. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory MDVSA-2014:124\n http://www.mandriva.com/en/support/security/\n _______________________________________________________________________\n\n Package : kernel\n Date : June 13, 2014\n Affected: Business Server 1.0\n _______________________________________________________________________\n\n Problem Description:\n\n Multiple vulnerabilities has been found and corrected in the Linux\n kernel:\n \n kernel/auditsc.c in the Linux kernel through 3.14.5, when\n CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows\n local users to obtain potentially sensitive single-bit values from\n kernel memory or cause a denial of service (OOPS) via a large value\n of a syscall number (CVE-2014-3917). \n \n The futex_requeue function in kernel/futex.c in the Linux kernel\n through 3.14.5 does not ensure that calls have two different futex\n addresses, which allows local users to gain privileges via a crafted\n FUTEX_REQUEUE command that facilitates unsafe waiter modification\n (CVE-2014-3153). NOTE: the affected code was moved to\n the __skb_get_nlattr and __skb_get_nlattr_nest functions before the\n vulnerability was announced (CVE-2014-3144). NOTE: the affected code was moved to the\n __skb_get_nlattr_nest function before the vulnerability was announced\n (CVE-2014-3145). \n \n Multiple array index errors in drivers/hid/hid-multitouch.c in the\n Human Interface Device (HID) subsystem in the Linux kernel through\n 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate\n attackers to cause a denial of service (heap memory corruption, or NULL\n pointer dereference and OOPS) via a crafted device (CVE-2013-2897). \n \n The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the\n Linux kernel through 3.13.6 does not validate certain auth_enable\n and auth_capable fields before making an sctp_sf_authenticate call,\n which allows remote attackers to cause a denial of service (NULL\n pointer dereference and system crash) via an SCTP handshake with\n a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO\n chunk (CVE-2014-0101). \n \n The updated packages provides a solution for these security issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2137\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2897\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0069\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0077\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0101\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0196\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1874\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2039\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2309\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2672\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2678\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2706\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2851\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3144\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3145\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3917\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Business Server 1/X86_64:\n d4a1665d801553272f379aa8190d7208 mbs1/x86_64/cpupower-3.4.93-1.1.mbs1.x86_64.rpm\n dac586e9467ccffcb0f03d7d6902c714 mbs1/x86_64/kernel-firmware-3.4.93-1.1.mbs1.noarch.rpm\n d67bdbd6148b7e7f187244fc2fb17629 mbs1/x86_64/kernel-headers-3.4.93-1.1.mbs1.src.rpm\n 6f011d528d57e6bfe3f348e124cc11d5 mbs1/x86_64/kernel-headers-3.4.93-1.1.mbs1.x86_64.rpm\n 6d7935addb463a2dc0cec144390f0786 mbs1/x86_64/kernel-server-3.4.93-1.1.mbs1.x86_64.rpm\n c013f3a9ae5f48694d91bfac81169c67 mbs1/x86_64/kernel-server-devel-3.4.93-1.1.mbs1.x86_64.rpm\n 87c7893b5fdfed6d766cac365e78f213 mbs1/x86_64/kernel-source-3.4.93-1.mbs1.noarch.rpm\n 298e025c2b05845d67efc4566db3d152 mbs1/x86_64/lib64cpupower0-3.4.93-1.1.mbs1.x86_64.rpm\n 45e43387ed27d1281fe5b15304f796f6 mbs1/x86_64/lib64cpupower-devel-3.4.93-1.1.mbs1.x86_64.rpm\n 3a74f07a429ea1b403d676f73b7ecbf9 mbs1/x86_64/perf-3.4.93-1.1.mbs1.x86_64.rpm \n bd6bd37cd3ff3b6844b04821d6da2779 mbs1/SRPMS/cpupower-3.4.93-1.1.mbs1.src.rpm\n 88c98d0723446a0717159574e06d9e3b mbs1/SRPMS/kernel-firmware-3.4.93-1.1.mbs1.src.rpm\n 7a84b2886c92e812943c76b2faafd068 mbs1/SRPMS/kernel-server-3.4.93-1.1.mbs1.src.rpm\n 7a431cec5f9862815f4d92f2ca1f8d9d mbs1/SRPMS/kernel-source-3.4.93-1.mbs1.src.rpm\n 65654157eb504295dbd05676ed40c968 mbs1/SRPMS/perf-3.4.93-1.1.mbs1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/en/support/security/advisories/\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\n\niD8DBQFTmvH3mqjQ0CJFipgRAjgaAKDtCfvK/cukQMyPkhdgllxaobQHFQCdHoJo\ng42VcK2YoEgcX9BPP3/zfWg=\n=4uZg\n-----END PGP SIGNATURE-----\n. \n(CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel\u0027s virtual memory management\nsubsystem",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0196"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"db": "VULHUB",
"id": "VHN-67689"
},
{
"db": "PACKETSTORM",
"id": "126624"
},
{
"db": "PACKETSTORM",
"id": "126712"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126507"
},
{
"db": "PACKETSTORM",
"id": "126503"
},
{
"db": "PACKETSTORM",
"id": "126512"
},
{
"db": "PACKETSTORM",
"id": "127099"
},
{
"db": "PACKETSTORM",
"id": "127253"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-67689",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67689"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0196",
"trust": 3.3
},
{
"db": "OSVDB",
"id": "106646",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59218",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59262",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "59599",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "33516",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2014/05/05/6",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-092",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "126512",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126712",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126503",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126624",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126507",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "126508",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126603",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126511",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126509",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126510",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127035",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126500",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126578",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-86729",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-67689",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "126800",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127099",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "127253",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67689"
},
{
"db": "PACKETSTORM",
"id": "126624"
},
{
"db": "PACKETSTORM",
"id": "126712"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126507"
},
{
"db": "PACKETSTORM",
"id": "126503"
},
{
"db": "PACKETSTORM",
"id": "126512"
},
{
"db": "PACKETSTORM",
"id": "127099"
},
{
"db": "PACKETSTORM",
"id": "127253"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"id": "VAR-201405-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-67689"
}
],
"trust": 0.52171717
},
"last_update_date": "2025-12-22T23:22:17.097000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bug 875690",
"trust": 0.8,
"url": "https://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"title": "n_tty: Fix n_tty_write crash when echoing in raw mode",
"trust": 0.8,
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"title": "Linux Kernel Archives",
"trust": 0.8,
"url": "http://www.kernel.org"
},
{
"title": "n_tty: Fix n_tty_write crash when echoing in raw mode",
"trust": 0.8,
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"title": "ELSA-2014-0771",
"trust": 0.8,
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html "
},
{
"title": "Bug 1094232",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"title": "RHSA-2014:0512",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"title": "linux-3.14.4",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=49773"
},
{
"title": "linux-3.14.4",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=49772"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67689"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://rhn.redhat.com/errata/rhsa-2014-0512.html"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2198-1"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2199-1"
},
{
"trust": 1.8,
"url": "http://www.ubuntu.com/usn/usn-2204-1"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/106646"
},
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/33516"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59218"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59262"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/59599"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2014/dsa-2926"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2014/dsa-2928"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2196-1"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2197-1"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2200-1"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2201-1"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2202-1"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-2203-1"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"trust": 1.7,
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"trust": 1.7,
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3ba=commit%3bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"trust": 1.7,
"url": "http://linux.oracle.com/errata/elsa-2014-0771.html"
},
{
"trust": 1.7,
"url": "http://pastebin.com/raw.php?i=ytsfubgz"
},
{
"trust": 1.7,
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"trust": 1.7,
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"trust": 1.7,
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2014-0196"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0196"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0196"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0196"
},
{
"trust": 0.6,
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1738"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1737"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2851"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0077"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2706"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0069"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-0101"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2309"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2678"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2672"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2523"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3153"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2014-0196.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1446.65"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4483"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2227-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-49.74~precise1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.2.0-61.93"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/3.13.0-24.47"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2523"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0101"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0077"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2137"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2706"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2137"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3144"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2309"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2678"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3144"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2039"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2039"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/en/support/security/advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3917"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1738"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2897"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1874"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2851"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3917"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3145"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3145"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2897"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1874"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0069"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1737"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-30.54~precise2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-3122"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-2260-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2568"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-67689"
},
{
"db": "PACKETSTORM",
"id": "126624"
},
{
"db": "PACKETSTORM",
"id": "126712"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126507"
},
{
"db": "PACKETSTORM",
"id": "126503"
},
{
"db": "PACKETSTORM",
"id": "126512"
},
{
"db": "PACKETSTORM",
"id": "127099"
},
{
"db": "PACKETSTORM",
"id": "127253"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-67689"
},
{
"db": "PACKETSTORM",
"id": "126624"
},
{
"db": "PACKETSTORM",
"id": "126712"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "126507"
},
{
"db": "PACKETSTORM",
"id": "126503"
},
{
"db": "PACKETSTORM",
"id": "126512"
},
{
"db": "PACKETSTORM",
"id": "127099"
},
{
"db": "PACKETSTORM",
"id": "127253"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-07T00:00:00",
"db": "VULHUB",
"id": "VHN-67689"
},
{
"date": "2014-05-15T21:36:02",
"db": "PACKETSTORM",
"id": "126624"
},
{
"date": "2014-05-19T17:02:25",
"db": "PACKETSTORM",
"id": "126712"
},
{
"date": "2014-05-27T16:02:18",
"db": "PACKETSTORM",
"id": "126800"
},
{
"date": "2014-05-06T20:24:17",
"db": "PACKETSTORM",
"id": "126507"
},
{
"date": "2014-05-06T20:23:49",
"db": "PACKETSTORM",
"id": "126503"
},
{
"date": "2014-05-06T20:24:48",
"db": "PACKETSTORM",
"id": "126512"
},
{
"date": "2014-06-15T17:22:00",
"db": "PACKETSTORM",
"id": "127099"
},
{
"date": "2014-06-27T16:48:32",
"db": "PACKETSTORM",
"id": "127253"
},
{
"date": "2014-05-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"date": "2014-05-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"date": "2014-05-07T10:55:04.337000",
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-67689"
},
{
"date": "2023-02-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-092"
},
{
"date": "2014-07-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002401"
},
{
"date": "2025-10-22T01:15:53.760000",
"db": "NVD",
"id": "CVE-2014-0196"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "126712"
},
{
"db": "PACKETSTORM",
"id": "126800"
},
{
"db": "PACKETSTORM",
"id": "127253"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux Kernel of drivers/tty/n_tty.c of n_tty_write Service disruption in functions (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002401"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competition condition problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-092"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.