Pipe 38E Patch out for dangerous Linux kernel vulnerability

Patch out for dangerous Linux kernel vulnerability

by
in linux on (#38E)
Get ready to start your updating tool: a serious vulnerability in the Linux kernel has just been identified . Threatpost describes it:
The bug appears to be a memory corruption vulnerability that could be exploited to execute code. The National Vulnerability Database describes it as follows: “The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “LECHO & !OPOST” case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.” There is a fix for the kernel.
Happily, this being Linux, the vulnerability has been fixed. No word if Android and other projects that use the Linux kernel are also affected. To be safe, stay in your basement with the lights out and your modem/router and all phones turned off, unplugged, and buried in a pot of marmalade.

History

2014-05-16 04:32
Patch out for Dangerous Linux Kernel Vulnerability
songofthepogo@pipedot.org
Get ready to start your updating tool: <a href="http://threatpost.com/five-year-old-security-vulnerability-patched-in-linux-kernel/106104">a serious vulnerability in the Linux kernel has just been identified. . Threatpost describes it:
The bug appears to be a memory corruption vulnerability that could be exploited to execute code. The National Vulnerability Database describes it as follows: “"The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the “"LECHO & !OPOST”" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.” There is a fix for the kernel."
Happily, this being Linux, the vulnerability has been the vulnerability has been fixed. No word if Android and other projects that use the Linux kernel are also affected. To be safe, stay in your basement with the lights out and your modem/router and all phones turned off, unplugged, and buried in a pot of marmalade.
Reply 0 comments