** Description changed: - The tty atomic_write_lock does not provide an exclusion guarantee for - the tty driver if the termios settings are LECHO & !OPOST. And since it - is unexpected and not allowed to call TTY buffer helpers like - tty_insert_flip_string concurrently, this may lead to crashes when - concurrect writers call pty_write. In that case the following two + The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel + through 3.14.3 does not properly manage tty driver access in the "LECHO + & !OPOST" case, which allows local users to cause a denial of service + (memory corruption and system crash) or gain privileges by triggering a + race condition involving read and write operations with long strings. Break-Fix: d945cb9cce20ac7143c2de8d88b187f62db99bdc 4291086b1f081b869c6d79e5b7441633dc3ace00
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-armadaxp in Ubuntu. https://bugs.launchpad.net/bugs/1314762 Title: CVE-2014-0196 Status in “linux” package in Ubuntu: New Status in “linux-armadaxp” package in Ubuntu: Invalid Status in “linux-ec2” package in Ubuntu: Invalid Status in “linux-fsl-imx51” package in Ubuntu: Invalid Status in “linux-lts-quantal” package in Ubuntu: Invalid Status in “linux-lts-raring” package in Ubuntu: Invalid Status in “linux-lts-saucy” package in Ubuntu: Invalid Status in “linux-mvl-dove” package in Ubuntu: Invalid Status in “linux-ti-omap4” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Fix Released Status in “linux-armadaxp” source package in Lucid: Invalid Status in “linux-ec2” source package in Lucid: Fix Released Status in “linux-fsl-imx51” source package in Lucid: Invalid Status in “linux-lts-quantal” source package in Lucid: Invalid Status in “linux-lts-raring” source package in Lucid: Invalid Status in “linux-lts-saucy” source package in Lucid: Invalid Status in “linux-mvl-dove” source package in Lucid: Invalid Status in “linux-ti-omap4” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Released Status in “linux-armadaxp” source package in Precise: Fix Committed Status in “linux-ec2” source package in Precise: Invalid Status in “linux-fsl-imx51” source package in Precise: Invalid Status in “linux-lts-quantal” source package in Precise: Fix Released Status in “linux-lts-raring” source package in Precise: Fix Released Status in “linux-lts-saucy” source package in Precise: Fix Released Status in “linux-mvl-dove” source package in Precise: Invalid Status in “linux-ti-omap4” source package in Precise: Fix Committed Status in “linux” source package in Quantal: Fix Released Status in “linux-armadaxp” source package in Quantal: Fix Committed Status in “linux-ec2” source package in Quantal: Invalid Status in “linux-fsl-imx51” source package in Quantal: Invalid Status in “linux-lts-quantal” source package in Quantal: Invalid Status in “linux-lts-raring” source package in Quantal: Invalid Status in “linux-lts-saucy” source package in Quantal: Invalid Status in “linux-mvl-dove” source package in Quantal: Invalid Status in “linux-ti-omap4” source package in Quantal: Fix Committed Status in “linux” source package in Saucy: Fix Released Status in “linux-armadaxp” source package in Saucy: Invalid Status in “linux-ec2” source package in Saucy: Invalid Status in “linux-fsl-imx51” source package in Saucy: Invalid Status in “linux-lts-quantal” source package in Saucy: Invalid Status in “linux-lts-raring” source package in Saucy: Invalid Status in “linux-lts-saucy” source package in Saucy: Invalid Status in “linux-mvl-dove” source package in Saucy: Invalid Status in “linux-ti-omap4” source package in Saucy: Fix Committed Status in “linux” source package in Trusty: Fix Released Status in “linux-armadaxp” source package in Trusty: Invalid Status in “linux-ec2” source package in Trusty: Invalid Status in “linux-fsl-imx51” source package in Trusty: Invalid Status in “linux-lts-quantal” source package in Trusty: Invalid Status in “linux-lts-raring” source package in Trusty: Invalid Status in “linux-lts-saucy” source package in Trusty: Invalid Status in “linux-mvl-dove” source package in Trusty: Invalid Status in “linux-ti-omap4” source package in Trusty: Invalid Status in “linux” source package in Utopic: New Status in “linux-armadaxp” source package in Utopic: Invalid Status in “linux-ec2” source package in Utopic: Invalid Status in “linux-fsl-imx51” source package in Utopic: Invalid Status in “linux-lts-quantal” source package in Utopic: Invalid Status in “linux-lts-raring” source package in Utopic: Invalid Status in “linux-lts-saucy” source package in Utopic: Invalid Status in “linux-mvl-dove” source package in Utopic: Invalid Status in “linux-ti-omap4” source package in Utopic: Invalid Bug description: The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. Break-Fix: d945cb9cce20ac7143c2de8d88b187f62db99bdc 4291086b1f081b869c6d79e5b7441633dc3ace00 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1314762/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
