CVE-2004-0814
Vulnerability Summary
Timeline
Description
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
CVSS Metrics
- v2.0•LOW•Score: 1.2AV:L/AC:H/Au:N/C:N/I:N/A:P
EPSS Trends
Current EPSS score: 0.24%• Percentile: 47%
Affected Systems
- linux•linux_kernel
2.2.0 | 2.2.1 | 2.2.2 | 2.2.3 | 2.2.7 | 2.2.8 | 2.2.9 | 2.2.10 | 2.2.11 | 2.2.12 | 2.2.13 | 2.2.14 | 2.2.15 | 2.2.15:pre16 | 2.2.15_pre20 | 2.2.16 | 2.2.16:pre6 | 2.2.17 | 2.2.18 | 2.2.19 | 2.2.20 | 2.2.21 | 2.2.22 | 2.2.23 | 2.2.24 | 2.2.25 | 2.4.0 | 2.4.0:test1 | 2.4.0:test10 | 2.4.0:test11 | 2.4.0:test12 | 2.4.0:test2 | 2.4.0:test3 | 2.4.0:test4 | 2.4.0:test5 | 2.4.0:test6 | 2.4.0:test7 | 2.4.0:test8 | 2.4.0:test9 | 2.4.1 | 2.4.2 | 2.4.3 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 | 2.4.9 | 2.4.10 | 2.4.11 | 2.4.12 | 2.4.13 | 2.4.14 | 2.4.15 | 2.4.16 | 2.4.17 | 2.4.18 | 2.4.18:pre1 | 2.4.18:pre2 | 2.4.18:pre3 | 2.4.18:pre4 | 2.4.18:pre5 | 2.4.18:pre6 | 2.4.18:pre7 | 2.4.18:pre8 | 2.4.19 | 2.4.19:pre1 | 2.4.19:pre2 | 2.4.19:pre3 | 2.4.19:pre4 | 2.4.19:pre5 | 2.4.19:pre6 | 2.4.20 | 2.4.21 | 2.4.21:pre1 | 2.4.21:pre4 | 2.4.21:pre7 | 2.4.22 | 2.4.23 | 2.4.23:pre9 | 2.4.23_ow2 | 2.4.24 | 2.4.24_ow1 | 2.4.25 | 2.4.26 | 2.4.27:pre1 | 2.4.27:pre2 | 2.4.27:pre3 | 2.4.27:pre4 | 2.4.27:pre5 | 2.6.0 | 2.6.0:test1 | 2.6.0:test10 | 2.6.0:test11 | 2.6.0:test2 | 2.6.0:test3 | 2.6.0:test4 | 2.6.0:test5 | 2.6.0:test6 | 2.6.0:test7 | 2.6.0:test8 | 2.6.0:test9 | 2.6.1 | 2.6.1:rc1 | 2.6.1:rc2 | 2.6.2 | 2.6.3 | 2.6.4 | 2.6.5 | 2.6.6 | 2.6.6:rc1 | 2.6.7 | 2.6.7:rc1 | 2.6.8:rc1 | 2.6.8:rc2 | 2.6.8:rc3 | 2.6_test9_cvs
- ubuntu•ubuntu_linux
4.1
References (11)
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=133110
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:022
- http://marc.info/?l=bugtraq&m=110306397320336&w=2
- https://bugzilla.fedora.us/show_bug.cgi?id=2336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17816
- http://www.securityfocus.com/archive/1/379005
- http://www.securityfocus.com/bid/11492
- http://www.securityfocus.com/bid/11491
- http://www.redhat.com/support/errata/RHSA-2005-293.html
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131672
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10728