cve-2014-0196
Vulnerability from cvelistv5
Published
2014-05-07 10:00
Modified
2024-08-06 09:05
Severity ?
Summary
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
References
secalert@redhat.comhttp://bugzilla.novell.com/show_bug.cgi?id=875690Issue Tracking, Permissions Required, Third Party Advisory
secalert@redhat.comhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00Broken Link
secalert@redhat.comhttp://linux.oracle.com/errata/ELSA-2014-0771.htmlThird Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://pastebin.com/raw.php?i=yTSFUBgZExploit, Mailing List, Third Party Advisory
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2014-0512.htmlThird Party Advisory
secalert@redhat.comhttp://secunia.com/advisories/59218Not Applicable
secalert@redhat.comhttp://secunia.com/advisories/59262Broken Link
secalert@redhat.comhttp://secunia.com/advisories/59599Broken Link
secalert@redhat.comhttp://source.android.com/security/bulletin/2016-07-01.htmlNot Applicable
secalert@redhat.comhttp://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.htmlThird Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2014/dsa-2926Third Party Advisory
secalert@redhat.comhttp://www.debian.org/security/2014/dsa-2928Third Party Advisory
secalert@redhat.comhttp://www.exploit-db.com/exploits/33516Exploit, Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2014/05/05/6Mailing List, Third Party Advisory
secalert@redhat.comhttp://www.osvdb.org/106646Broken Link
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2196-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2197-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2198-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2199-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2200-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2201-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2202-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2203-1Third Party Advisory
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2204-1Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1094232Issue Tracking, Patch, Third Party Advisory
secalert@redhat.comhttps://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00Exploit, Patch, Third Party Advisory
Impacted products
n/an/a
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog

Date added: 2023-05-12

Due date: 2023-06-02

Required action: The impacted product is end-of-life and should be disconnected if still in use.

Used in ransomware: Unknown

Notes: https://lkml.iu.edu/hypermail/linux/kernel/1609.1/02103.html; https://nvd.nist.gov/vuln/detail/CVE-2014-0196

Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:05:39.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-2203-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2203-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
          },
          {
            "name": "106646",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/106646"
          },
          {
            "name": "SUSE-SU-2014:0683",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
          },
          {
            "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
          },
          {
            "name": "59262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59262"
          },
          {
            "name": "USN-2204-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2204-1"
          },
          {
            "name": "59218",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59218"
          },
          {
            "name": "USN-2202-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2202-1"
          },
          {
            "name": "33516",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "http://www.exploit-db.com/exploits/33516"
          },
          {
            "name": "DSA-2928",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2928"
          },
          {
            "name": "USN-2199-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2199-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
          },
          {
            "name": "USN-2197-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2197-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://source.android.com/security/bulletin/2016-07-01.html"
          },
          {
            "name": "RHSA-2014:0512",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
          },
          {
            "name": "59599",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59599"
          },
          {
            "name": "DSA-2926",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2926"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
          },
          {
            "name": "SUSE-SU-2014:0667",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
          },
          {
            "name": "USN-2198-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2198-1"
          },
          {
            "name": "USN-2200-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2200-1"
          },
          {
            "name": "USN-2201-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2201-1"
          },
          {
            "name": "USN-2196-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2196-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO \u0026 !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-2203-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2203-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
        },
        {
          "name": "106646",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/106646"
        },
        {
          "name": "SUSE-SU-2014:0683",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
        },
        {
          "name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
        },
        {
          "name": "59262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59262"
        },
        {
          "name": "USN-2204-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2204-1"
        },
        {
          "name": "59218",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59218"
        },
        {
          "name": "USN-2202-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2202-1"
        },
        {
          "name": "33516",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "http://www.exploit-db.com/exploits/33516"
        },
        {
          "name": "DSA-2928",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2928"
        },
        {
          "name": "USN-2199-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2199-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
        },
        {
          "name": "USN-2197-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2197-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://source.android.com/security/bulletin/2016-07-01.html"
        },
        {
          "name": "RHSA-2014:0512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
        },
        {
          "name": "59599",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59599"
        },
        {
          "name": "DSA-2926",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2926"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
        },
        {
          "name": "SUSE-SU-2014:0667",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
        },
        {
          "name": "USN-2198-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2198-1"
        },
        {
          "name": "USN-2200-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2200-1"
        },
        {
          "name": "USN-2201-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2201-1"
        },
        {
          "name": "USN-2196-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2196-1"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-0196",
    "datePublished": "2014-05-07T10:00:00",
    "dateReserved": "2013-12-03T00:00:00",
    "dateUpdated": "2024-08-06T09:05:39.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2014-0196",
      "cwes": "[\"CWE-362\"]",
      "dateAdded": "2023-05-12",
      "dueDate": "2023-06-02",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://lkml.iu.edu/hypermail/linux/kernel/1609.1/02103.html; https://nvd.nist.gov/vuln/detail/CVE-2014-0196",
      "product": "Kernel",
      "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
      "shortDescription": "Linux Kernel contains a race condition vulnerability within the n_tty_write function that allows local users to cause a denial-of-service (DoS) or gain privileges via read and write operations with long strings.",
      "vendorProject": "Linux",
      "vulnerabilityName": "Linux Kernel Race Condition Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-0196\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-05-07T10:55:04.337\",\"lastModified\":\"2024-02-09T19:24:10.937\",\"vulnStatus\":\"Analyzed\",\"cisaExploitAdd\":\"2023-05-12\",\"cisaActionDue\":\"2023-06-02\",\"cisaRequiredAction\":\"The impacted product is end-of-life and should be disconnected if still in use.\",\"cisaVulnerabilityName\":\"Linux Kernel Race Condition Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \\\"LECHO \u0026 !OPOST\\\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n n_tty_write en drivers/tty/n_tty.c en el kernel de Linux hasta 3.14.3 no maneja debidamente acceso al controlador tty en el caso \u0027LECHO \u0026 !OPOST\u0027, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de sistema) o ganar privilegios mediante la provocaci\u00f3n de una condici\u00f3n de carrera involucrando operaciones de lectura y escritura con cadenas largas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":6.9},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartExcluding\":\"2.6.31\",\"versionEndExcluding\":\"3.2.59\",\"matchCriteriaId\":\"FFDB0B31-FFF7-471B-9352-29099002BED7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3\",\"versionEndExcluding\":\"3.4.91\",\"matchCriteriaId\":\"992BFD6A-701C-4412-9220-F6C77B4E64F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5\",\"versionEndExcluding\":\"3.10.40\",\"matchCriteriaId\":\"287DC65B-A513-4FB9-A1CF-69F428030DF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.11\",\"versionEndExcluding\":\"3.12.20\",\"matchCriteriaId\":\"D82F8C94-5FA7-4A7A-8855-ECF21B3BBD42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.13\",\"versionEndExcluding\":\"3.14.4\",\"matchCriteriaId\":\"9996644C-371E-49B9-A494-733B1EA513EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2887290A-1B43-4DB9-A9D0-B0B56CD78E48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2507858-675B-4DA2-A49E-00DB54700CF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A25EA55-3F1C-440C-A383-0BB9556C9508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2665356-4EF5-4543-AD15-67FDB851DCCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"26E7609B-B058-496D-ACDD-7F69FBDE89E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"210BF049-8B3C-4ACC-BF8E-2C3551477602\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1837F32C-80D3-4E10-AE5D-E9F5A11A434E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B4E132B-A69A-4CD1-B4D9-E17C4361A3AC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036E8A89-7A16-411F-9D31-676313BB7244\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8382A145-CDD9-437E-9DE7-A349956778B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A8E07B7-3739-4BEB-88F8-C7F62431E889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"413CC30E-5FFE-47A4-B38B-80E3A9B13238\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"DD41513F-36F9-459C-A0CB-26C025E63CDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B39F3060-6F9E-4F20-8924-FEF5ED8A30CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*\",\"matchCriteriaId\":\"B2866FAF-4340-4EA7-9009-6594ADA27AF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*\",\"matchCriteriaId\":\"0EA03350-8702-43D5-8605-5FB765A3F60B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7B037A8-72A6-4DFF-94B2-D688A5F6F876\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"01EDA41C-6B2E-49AF-B503-EB3882265C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F61F047-129C-41A6-8A27-FFCBB8563E91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"8F315708-017C-4362-9C09-6774F89D9370\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.3.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"48BBEF73-E87D-467F-85EB-47BE212DF0E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"A430FFB4-418C-43DA-8E17-020618A77A56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.4.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"C483253F-841E-4D4E-9B4A-932E9D07268B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"7A0CC74C-6914-4A6F-A1CE-65A695AE31F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"9FF30167-0241-4136-82F8-2D2FB545C19A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"54A45725-FECD-4CA9-BFA4-E13FCDFDDF13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"8C596B3F-9D93-49D2-99D7-D590CC9AEAA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"D8696A6B-1B56-43B5-A506-21E17735B9CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.3.0\",\"versionEndIncluding\":\"11.5.1\",\"matchCriteriaId\":\"E9A06D61-E6CB-4A8A-B06D-9FEA1812C167\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_protocol_security_module:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.4.1\",\"matchCriteriaId\":\"8C666A18-9DED-4B49-92DE-474403FC17BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_wan_optimization_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"A6B52D60-38DB-4BE9-91F4-B6553F5E5A93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.1.0\",\"versionEndIncluding\":\"11.3.0\",\"matchCriteriaId\":\"E1E3204F-9464-4AC3-819B-D1A6B399FAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_application_delivery_controller:4.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"222B4DE7-1D3D-40DF-A9EB-EFABDA8FAEA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_centralized_management:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24AEF0B2-7C8C-432C-A840-C2441A70343F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_cloud:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.5.0\",\"matchCriteriaId\":\"8C8BF865-BA45-4711-829F-EC8E5EA22D2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_cloud_and_orchestration:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E21D6206-4716-47FE-A733-F18343656E94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_device:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndIncluding\":\"4.5.0\",\"matchCriteriaId\":\"3BC0EAFD-DA5E-4A1B-81CB-0D5A964F9EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-iq_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndIncluding\":\"4.5.0\",\"matchCriteriaId\":\"6B3E56EB-202A-4F58-8E94-B2DDA1693498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:enterprise_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.0\",\"versionEndIncluding\":\"3.1.1\",\"matchCriteriaId\":\"96A9D473-86E0-463E-94C3-0E76B2CB1EEF\"}]}]}],\"references\":[{\"url\":\"http://bugzilla.novell.com/show_bug.cgi?id=875690\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://linux.oracle.com/errata/ELSA-2014-0771.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://pastebin.com/raw.php?i=yTSFUBgZ\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0512.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/59218\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/59262\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/59599\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://source.android.com/security/bulletin/2016-07-01.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2926\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2014/dsa-2928\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.exploit-db.com/exploits/33516\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2014/05/05/6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.osvdb.org/106646\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2196-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2197-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2198-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2199-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2200-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2201-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2202-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2203-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2204-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1094232\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.