kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #59411
[Bug 1314762] Re: CVE-2014-0196
** Description changed:
- The tty atomic_write_lock does not provide an exclusion guarantee for
- the tty driver if the termios settings are LECHO & !OPOST. And since it
- is unexpected and not allowed to call TTY buffer helpers like
- tty_insert_flip_string concurrently, this may lead to crashes when
- concurrect writers call pty_write. In that case the following two
+ The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel
+ through 3.14.3 does not properly manage tty driver access in the "LECHO
+ & !OPOST" case, which allows local users to cause a denial of service
+ (memory corruption and system crash) or gain privileges by triggering a
+ race condition involving read and write operations with long strings.
Break-Fix: d945cb9cce20ac7143c2de8d88b187f62db99bdc
4291086b1f081b869c6d79e5b7441633dc3ace00
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-armadaxp in Ubuntu.
https://bugs.launchpad.net/bugs/1314762
Title:
CVE-2014-0196
Status in “linux” package in Ubuntu:
New
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
Fix Released
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
Fix Released
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
Fix Released
Status in “linux-armadaxp” source package in Precise:
Fix Committed
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-quantal” source package in Precise:
Fix Released
Status in “linux-lts-raring” source package in Precise:
Fix Released
Status in “linux-lts-saucy” source package in Precise:
Fix Released
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
Fix Committed
Status in “linux” source package in Quantal:
Fix Released
Status in “linux-armadaxp” source package in Quantal:
Fix Committed
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
Invalid
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
Fix Committed
Status in “linux” source package in Saucy:
Fix Released
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
Fix Committed
Status in “linux” source package in Trusty:
Fix Released
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Status in “linux” source package in Utopic:
New
Status in “linux-armadaxp” source package in Utopic:
Invalid
Status in “linux-ec2” source package in Utopic:
Invalid
Status in “linux-fsl-imx51” source package in Utopic:
Invalid
Status in “linux-lts-quantal” source package in Utopic:
Invalid
Status in “linux-lts-raring” source package in Utopic:
Invalid
Status in “linux-lts-saucy” source package in Utopic:
Invalid
Status in “linux-mvl-dove” source package in Utopic:
Invalid
Status in “linux-ti-omap4” source package in Utopic:
Invalid
Bug description:
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel
through 3.14.3 does not properly manage tty driver access in the
"LECHO & !OPOST" case, which allows local users to cause a denial of
service (memory corruption and system crash) or gain privileges by
triggering a race condition involving read and write operations with
long strings.
Break-Fix: d945cb9cce20ac7143c2de8d88b187f62db99bdc
4291086b1f081b869c6d79e5b7441633dc3ace00
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1314762/+subscriptions