A vulnerability found in the Linux kernel, specifically a flaw with the pseudo tty (pty) device, allows an unprivileged user to cause a denial of service (system crash) or potentially gain administrator privileges. A small number of CentOS and Ubuntu versions are vulnerable, thus we want to highlight the following information:
Additional information for Ubuntu can be found here.
Additional information for CentOS can be found here.
We also have tutorials on How To Update the Kernel in CentOS / Red Hat and How To Check the Kernel Version in Linux / Ubuntu / CentOS.
MITRE CVE describes the issue as follows:
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
Further information on CVE-2014-0196 is available from the NIST NVD and MITRE CVE dictionary.
Related Articles:
About the Author: J. Mays
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
How to Edit Your DNS Hosts File
Read ArticleHow to Edit Your DNS Hosts File
Read ArticleMicrosoft Exchange Server Security Update
Read ArticleHow to Monitor Your Server in WHM
Read ArticleHow to Monitor Your Server in WHM
Read Article