Cyber Resilience

CVE-2014-0196

MediumCISA KEVActive ExploitationEUVD ExploitedPublic PoC

Published: 07 May 2014

Published
07 May 2014
Modified
21 April 2026
KEV Added
12 May 2023
Patch
CVSS Score v3.1 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.4991 97.9th percentile
Risk Priority 61 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2014-0196 is a medium-severity Race Condition (CWE-362) vulnerability in Linux Linux Kernel. Its CVSS base score is 5.5 (Medium).

Operationally, ranked in the top 2.1% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

The vulnerability is a race condition (CWE-362) in the n_tty_write function within drivers/tty/n_tty.c of the Linux kernel through version 3.14.3. It occurs specifically in the LECHO and !OPOST case when the function fails to properly manage tty driver access during concurrent read and write operations involving long strings, leading to memory corruption.

Local users with the ability to perform tty read and write operations can trigger the race condition to achieve a denial of service via memory corruption and system crash, or potentially elevate privileges. The CVSS 5.5 score reflects local attack vector, low complexity, and privileges required, with high impact on availability but none on confidentiality or integrity.

Vendor advisories and patches, including the referenced kernel commit, Oracle ELSA-2014-0771, and openSUSE security announcements, address the issue through updates that correct the tty handling logic in affected kernels.

EU & UK References

Vulnerability details

The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or…

more

gain privileges by triggering a race condition involving read and write operations with long strings.

CWE(s)
KEV Date Added
12 May 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

linux
linux kernel
2.6.31 · 2.6.31 — 3.2.59 · 3.3 — 3.4.91 · 3.5 — 3.10.40
debian
debian linux
6.0, 7.0
redhat
enterprise linux
6.0
redhat
enterprise linux eus
6.3, 6.4
redhat
enterprise linux server eus
6.3
suse
suse linux enterprise desktop
11
suse
suse linux enterprise high availability extension
11
suse
suse linux enterprise server
11
oracle
linux
6
canonical
ubuntu linux
10.04, 12.04, 12.10, 13.10, 14.04
+20 more product configuration(s) — see NVD for full list

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely installation of the vendor kernel patch that corrects the n_tty_write race condition.

prevent

Enforces hardware or kernel memory-protection mechanisms that block the memory corruption resulting from the tty race.

prevent

Maintains separate execution domains for processes, limiting the blast radius of a tty race triggered by a local user.

References