CVE-2004-0814 Information

Feb 14, 2021 cve

Description

Multiple race conditions in the terminal layer in Linux 2.4.x and 2.6.x before 2.6.9 allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline then quickly sending data that is received during the switch.

Reference

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131672 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=133110 http://marc.info/?l=bugtraq&m=110306397320336&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.redhat.com/support/errata/RHSA-2005-293.html http://www.securityfocus.com/archive/1/379005 http://www.securityfocus.com/bid/11491 http://www.securityfocus.com/bid/11492 https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://exchange.xforce.ibmcloud.com/vulnerabilities/17816 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10728

Share on: