Fixes Out for Linux Kernel Flaw

Tuesday, May 20, 2014 @ 05:05 AM gHale


There is a flaw in the Linux kernel that could let a local user crash or run programs as an administrator.

Administrators running Ubuntu, some Red Hat systems, Debian, among others are moving to patch a moderately serious memory corruption flaw affecting the n_tty_write function in the Linux kernel up to 3.14.3.

RELATED STORIES
Adobe Fixes Flash Zero Day
After False Start, Apache Struts Fixed
DoS Risk with Apache Tomcat Servers
DDoS Attacks Break Records

The “n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings,” according to the US CERT release for CVE-2014-0196.

In UNIX/Linux parlance, TTY, derived from Teletype, refers to the command line interface terminal.

The race condition occurs in a feature introduced in 2009 that changed how “pty” — a pseudo tty — handled write buffering, one security researcher said.

“When two processes/threads write to the same pty, the buffer end could be overwritten and so memory corruption into adjacent buffers could lead to crashes / code execution,” the researcher said.

Only a local user can exploit the bug, however, the condition still may pose a risk for affected systems in shared server environments.

Red Hat is working on corrected kernel packages for Red Hat Enterprise Linux (RHEL) 6 and Red Hat Enterprise MRG 2 but has said that RHEL 5 is not affected. Debian has its available fixes and Ubuntu released details about its patches.



Leave a Reply

You must be logged in to post a comment.