• Welcome to Web Hosting Community Forum for Webmasters - Web hosting Forum.
 

Recommended Providers

Fully Managed WordPress Hosting
lc_banner_leadgen_3
Fully Managed WordPress Hosting

WordPress Theme

Divi WordPress Theme
WPZOOM

Forum Membership

Forum Membership

CVE-2014-0196: kernel: memory corruption via a race in pty write handling

Started by Kailash, May 14, 2014, 11:05:40 PM

Kailash

QuoteA race condition in pty (pseudo terminal) write buffer handling could be used by local attackers to corrupt kernel memory and so cause a system crash or potentially code execution.

QuoteJiri thinks:

Introduced by d945cb9cce20ac7143c2de8d88b187f62db99bdc (pty: Rework the pty
layer to use the normal buffering logic) in 2.6.31-rc3. Until then, pty
was writing directly to a line discipline without using buffers.

So 2.6.31 - 3.15rcX

https://bugzilla.novell.com/show_bug.cgi?id=875690

QuoteStatement:

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5.

Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this issue.

https://bugzilla.redhat.com/show_bug.cgi?id=1094232
https://access.redhat.com/security/cve/CVE-2014-0196

Kailash


Kailash

Ksplice just released an update:

QuoteSynopsis: Early update for local privilege escalation in TTY driver:
CVE-2014-0196

We felt that it's important for us to ship this update early, before
distributions released kernels that fix the problem, because our audit
showed that we have a large number of customers affected by the CVE.

DESCRIPTION

* CVE-2014-0196: Pseudo TTY device write buffer handling race.

A race in how the pseudo ttyp (pty) device handled device writes when
two threads/processes wrote to the same pty, the buffer end could be
overwritten. An attacker could use this to cause a denial-of-service or
gain root privileges.

INSTALLING THE UPDATES

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

Kailash