Executive Summary

Summary
Title Linux kernel (Saucy HWE) vulnerability
Informations
Name USN-2201-1 First vendor Publication 2014-05-06
Vendor Ubuntu Last vendor Modification 2014-05-06
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description: - linux-lts-saucy: Linux hardware enablement kernel from Saucy

Details:

A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS:
linux-image-3.11.0-20-generic 3.11.0-20.35~precise1
linux-image-3.11.0-20-generic-lpae 3.11.0-20.35~precise1

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2201-1
CVE-2014-0196

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-saucy/3.11.0-20.35~precise1

Original Source

Url : http://www.ubuntu.com/usn/USN-2201-1

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-362 Race Condition

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:24445
 
Oval ID: oval:org.mitre.oval:def:24445
Title: USN-2200-1 -- linux-lts-raring vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2200-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-raring
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24543
 
Oval ID: oval:org.mitre.oval:def:24543
Title: USN-2203-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2203-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 13.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24668
 
Oval ID: oval:org.mitre.oval:def:24668
Title: USN-2202-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2202-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.10
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24673
 
Oval ID: oval:org.mitre.oval:def:24673
Title: USN-2199-1 -- linux-lts-quantal vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2199-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-quantal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24706
 
Oval ID: oval:org.mitre.oval:def:24706
Title: USN-2201-1 -- linux-lts-saucy vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2201-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux-lts-saucy
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24747
 
Oval ID: oval:org.mitre.oval:def:24747
Title: USN-2204-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2204-1
CVE-2014-0196
Version: 4
Platform(s): Ubuntu 14.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24818
 
Oval ID: oval:org.mitre.oval:def:24818
Title: USN-2197-1 -- linux-ec2 vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2197-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux-ec2
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24838
 
Oval ID: oval:org.mitre.oval:def:24838
Title: USN-2198-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2198-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 12.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24863
 
Oval ID: oval:org.mitre.oval:def:24863
Title: USN-2196-1 -- linux vulnerability
Description: The system could be made to crash or run programs as an administrator.
Family: unix Class: patch
Reference(s): USN-2196-1
CVE-2014-0196
Version: 5
Platform(s): Ubuntu 10.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25233
 
Oval ID: oval:org.mitre.oval:def:25233
Title: SUSE-SU-2014:0667-1 -- Security update for Linux Kernel
Description: The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix the following severe security issues: * CVE-2014-1737: The raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-1738: The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device. (bnc#875798) * CVE-2014-0196: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (bnc#875690)
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0667-1
CVE-2014-1737
CVE-2014-1738
CVE-2014-0196
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Linux Kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25258
 
Oval ID: oval:org.mitre.oval:def:25258
Title: RHSA-2014:0678: kernel security update (Important)
Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline (LDISC) implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-0196, Important) All kernel users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.
Family: unix Class: patch
Reference(s): RHSA-2014:0678-00
CVE-2014-0196
Version: 4
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27162
 
Oval ID: oval:org.mitre.oval:def:27162
Title: ELSA-2014-0678 -- kernel security update (important)
Description: [3.10.0-123.1.2] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-123.1.2] - [tty] n_tty: Fix n_tty_write crash when echoing in raw mode (Aristeu Rozanski) [1094241 1094242] {CVE-2014-0196}
Family: unix Class: patch
Reference(s): ELSA-2014-0678
CVE-2014-0196
Version: 3
Platform(s): Oracle Linux 7
Product(s): kernel
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 17
Application 7
Application 10
Application 7
Application 29
Application 12
Application 23
Application 19
Application 23
Application 8
Application 19
Application 13
Application 24
Application 1
Application 1
Application 6
Application 1
Application 4
Application 6
Application 6
Application 1
Hardware 7
Hardware 6
Hardware 3
Os 5
Os 2
Os 2077
Os 1
Os 1
Os 2
Os 1
Os 1
Os 1
Os 2

ExploitDB Exploits

id Description
2014-05-26 Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition...

Nessus® Vulnerability Scanner

Date Description
2017-04-03 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0057.nasl - Type : ACT_GATHER_INFO
2015-03-13 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-0290.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0520.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0512.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-392.nasl - Type : ACT_GATHER_INFO
2014-10-12 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2014-339.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL15319.nasl - Type : ACT_GATHER_INFO
2014-07-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3054.nasl - Type : ACT_GATHER_INFO
2014-07-31 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3053.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0678.nasl - Type : ACT_GATHER_INFO
2014-07-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-0678.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0557.nasl - Type : ACT_GATHER_INFO
2014-06-28 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2260-1.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-124.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-376.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-375.nasl - Type : ACT_GATHER_INFO
2014-05-22 Name : The remote Fedora host is missing a security update.
File : fedora_2014-6354.nasl - Type : ACT_GATHER_INFO
2014-05-20 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2014-3034.nasl - Type : ACT_GATHER_INFO
2014-05-16 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-140513.nasl - Type : ACT_GATHER_INFO
2014-05-16 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2928.nasl - Type : ACT_GATHER_INFO
2014-05-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2926.nasl - Type : ACT_GATHER_INFO
2014-05-12 Name : The remote Fedora host is missing a security update.
File : fedora_2014-6122.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2196-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2204-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2203-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2202-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2201-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2200-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2199-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2198-1.nasl - Type : ACT_GATHER_INFO
2014-05-06 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2197-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-05-07 21:29:39
  • Multiple Updates
2014-05-07 17:26:43
  • Multiple Updates
2014-05-07 13:26:19
  • Multiple Updates
2014-05-06 05:19:53
  • First insertion