F5 Networks BIG-IP : Linux kernel TTY vulnerability (K15319)
Medium Nessus Plugin ID 78173
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the 'LECHO & !OPOST' case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (CVE-2014-0196)
Local users may be able to cause a denial-of-service (DoS) or gain privileges by triggering a race condition.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K15319.