CVE-2004-0814 — Race Condition in Kernel

6 documents6 sources

Severity

1.2LOWNVD

EPSS

0.2%

top 53.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Ubuntu Linux

Timeline

PublishedDec 23

Latest updateApr 29

Description

Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.

CVSS vector

AV:L/AC:H/C:N/I:N/A:PExploitability: 1.9 | Impact: 2.9

Affected Packages1 packages

▶NVDlinux/linux_kernel64 versions+63

Also affects: Ubuntu Linux 4.1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-6mch-53wc-3fvc: Multiple race conditions in the terminal layer in Linux 2↗2022-04-29

▶

CVEList

CVE-2004-0814: Multiple race conditions in the terminal layer in Linux 2↗2004-10-28

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2004-12-15

▶

Red Hat

security flaw↗2004-09-07

▶

💬Community

Bugzilla

CVE-2004-0814 security flaw↗2018-08-16

▶