Bug#747166: CVE-2014-0196: pty layer race condition memory corruption

To: submit@bugs.debian.org
Subject: Bug#747166: CVE-2014-0196: pty layer race condition memory corruption
From: Henri Salo <henri@nerv.fi>
Date: Tue, 6 May 2014 09:56:00 +0300
Message-id: <[🔎] 20140506065600.GA27884@kludge.henri.nerv.fi>
Reply-to: Henri Salo <henri@nerv.fi>, 747166@bugs.debian.org

Package: linux
Version: 3.14.2-1
Severity: grave
Tags: security

Crashes kernel from userland. Also works in linux-headers-3.2.0-4-amd64

PoC: http://pastebin.com/yTSFUBgZ
More information:
http://www.openwall.com/lists/oss-security/2014/05/05/6
https://bugzilla.novell.com/show_bug.cgi?id=875690

---
Henri Salo

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Bug#747166: marked as done (CVE-2014-0196: pty layer race condition memory corruption)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#747151: linux-tools: FTBFS: __u32 and __u64 shoud be used instead of u32 and u64
Next by Date: Processed: found 747166 in 3.2.57-3
Previous by thread: Bug#747151: linux-tools: FTBFS: __u32 and __u64 shoud be used instead of u32 and u64
Next by thread: Bug#747166: marked as done (CVE-2014-0196: pty layer race condition memory corruption)
Index(es):
- Date
- Thread