Patches ready for Red Hat, Ubuntu and others affected by Linux kernel flaw

Linux admins should start patching a newly discovered flaw affecting a component of the kernel.

Patches are in the works for several Linux distributions affected by a newly discovered flaw in the Linux kernel that could let a local user crash the system or run code with administrator (root) privileges.

Admins running Ubuntu, some Red Hat systems, Debian, and other distros are advised to patch a moderately serious memory corruption flaw affecting the n_tty_write function in the Linux kernel up to 3.14.3.

According to the US-CERT writeup for the CVE-2014-0196 bug, the "n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the 'LECHO & !OPOST' case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."

In UNIX/Linux parlance, TTY, short for Teletype, refers to a terminal device. N_TTY is the kernel's default line discipline, the layer between the terminal driver and the process that handles echoing and line editing, and n_tty_write is its write path. The "LECHO & !OPOST" case means echo is enabled (the ECHO flag in termios c_lflag) while output post-processing is disabled (the OPOST flag in c_oflag cleared); a local user can set both with an ordinary termios call, so the condition is under the attacker's control.

A discussion of the bug by a Novell SUSE security engineer notes that the race condition lives in a feature introduced in 2009 that changed how a pty (pseudo-terminal) handles write buffering.

"When two processes/threads write to the same pty, the buffer end could be overwritten and so memory corruption into adjacent buffers could lead to crashes / code execution," the SUSE security engineer wrote.

As noted by Ars Technica, although only a local user can exploit the bug, that is still a real risk in shared server environments: any unprivileged account with shell access, such as a customer on a multi-tenant hosting box or a compromised web application user, is a potential attacker.

Red Hat is working on corrected kernel packages for Red Hat Enterprise Linux (RHEL) 6 and Red Hat Enterprise MRG 2 but has said that RHEL 5 is not affected. Debian and Ubuntu have each published security advisories with details of their fixed kernel packages. As with any kernel update, the fix only takes effect once the patched kernel has been booted.
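The version range above is an upstream number, and distribution kernels backport fixes without changing it, so "is my kernel older than 3.14.4?" is only half the question. The triage helper below is an added example, not from the article or from any vendor: it first tests whether the running kernel's release string falls inside the affected range, then looks for the CVE identifier in the installed kernel package's changelog, which is where a backported fix shows up. Assumptions of mine, not stated in the article: the lower bound 2.6.31 (the article says only that the pty buffering rework landed in 2009), the RPM package name `kernel-$(uname -r)` (SUSE uses `kernel-default`, for example), the Debian/Ubuntu changelog path under `/usr/share/doc/linux-image-*`, and that vendors record the CVE id in their changelogs.

```shell
#!/bin/sh
# Added triage helper for CVE-2014-0196 (example code, not from the article
# or any distribution). Checks the running kernel, not installed-but-unbooted
# packages, because the fix only applies once the patched kernel is running.

# Normalise a release string such as "3.13.0-24-generic" or
# "2.6.32-431.el6.x86_64" to three numeric fields: "major minor patch".
kver_fields() {
    ver=${1%%[!0-9.]*}          # drop everything from the first non [0-9.] char
    oldifs=$IFS; IFS=.
    set -- $ver                 # split on dots into positional parameters
    IFS=$oldifs
    echo "${1:-0} ${2:-0} ${3:-0}"
}

# Return 0 if release $1 lies in the range the bug lived in upstream:
# 2.6.31 (the 2009 pty buffering rework; my assumption, the article only
# gives the year) through 3.14.3 (NVD's "through 3.14.3").
kver_in_affected_range() {
    set -- $(kver_fields "$1")
    n=$(( $1 * 1000000 + $2 * 1000 + $3 ))
    [ "$n" -ge 2006031 ] && [ "$n" -le 3014003 ]
}

# Return 0 if the installed kernel package's changelog mentions the CVE.
# This is how a backported fix shows up on a distro kernel whose version
# string is still inside the affected range. Package names and paths are
# assumptions (RHEL/Fedora-style "kernel-<release>", Debian/Ubuntu
# linux-image changelog); adjust for your distribution.
changelog_mentions_cve() {
    cve=CVE-2014-0196
    rel=$1
    if command -v rpm >/dev/null 2>&1 &&
       rpm -q --changelog "kernel-$rel" 2>/dev/null | grep -q "$cve"; then
        return 0
    fi
    log=/usr/share/doc/linux-image-$rel/changelog.Debian.gz
    if [ -r "$log" ] && zcat "$log" 2>/dev/null | grep -q "$cve"; then
        return 0
    fi
    return 1
}

# Print a verdict for release $1. Exit status 0 = no action needed,
# 1 = kernel is in range and no backported fix was found.
triage() {
    rel=$1
    if ! kver_in_affected_range "$rel"; then
        echo "$rel: outside the upstream range affected by CVE-2014-0196"
        return 0
    fi
    if changelog_mentions_cve "$rel"; then
        echo "$rel: in range, but the package changelog records a fix for CVE-2014-0196"
        return 0
    fi
    echo "$rel: in the affected range and no backported fix found; check your vendor advisory"
    return 1
}

# Run against the running kernel. The status is stored rather than propagated
# so the file can also be sourced for its functions.
if triage "$(uname -r)"; then TRIAGE_STATUS=0; else TRIAGE_STATUS=$?; fi
```

A changelog hit is evidence, not proof: it tells you the package maintainer addressed the CVE, not that the specific race is closed on your build, so treat the vendor advisory as authoritative and the version check as a way to prioritise which hosts to look at first.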
