Medium severity5.5CISA KEVNVD Advisory· Published May 7, 2014· Updated Apr 21, 2026
CVE-2014-0196
CVE-2014-0196
Description
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
Affected products
25cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*+ 4 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: >2.6.31,<3.2.59
- cpe:2.3:o:linux:linux_kernel:2.6.31:-:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp3:*:*:*:-:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:-:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
Patches
14291086b1f08https://github.com/torvalds/linuxvia nvd-ref
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
28- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- pastebin.com/raw.phpnvdExploitMailing ListThird Party Advisory
- www.exploit-db.com/exploits/33516nvdExploitThird Party AdvisoryVDB Entry
- github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00nvdExploitPatchThird Party Advisory
- bugzilla.novell.com/show_bug.cginvdIssue TrackingPermissions RequiredThird Party Advisory
- linux.oracle.com/errata/ELSA-2014-0771.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.htmlnvdMailing ListThird Party Advisory
- rhn.redhat.com/errata/RHSA-2014-0512.htmlnvdThird Party Advisory
- support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.htmlnvdThird Party Advisory
- www.debian.org/security/2014/dsa-2926nvdThird Party Advisory
- www.debian.org/security/2014/dsa-2928nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2014/05/05/6nvdMailing ListThird Party Advisory
- www.ubuntu.com/usn/USN-2196-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2197-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2198-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2199-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2200-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2201-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2202-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2203-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-2204-1nvdThird Party Advisory
- secunia.com/advisories/59218nvdNot Applicable
- secunia.com/advisories/59262nvdBroken Link
- secunia.com/advisories/59599nvdBroken Link
- source.android.com/security/bulletin/2016-07-01.htmlnvdNot Applicable
- www.osvdb.org/106646nvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.