Upstream information
Description
Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.SUSE information
Overall state of this security issue: Resolved
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
| National Vulnerability Database | |
|---|---|
| Base Score | 1.2 |
| Vector | AV:L/AC:H/Au:N/C:N/I:N/A:P |
| Access Vector | Local |
| Access Complexity | High |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Partial |
SUSE Security Advisories:
- SUSE-SA:2005:018, published Thu, 24 Mar 2005 15:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 00:58:06 2013CVE page last modified: Sun Sep 8 11:10:15 2024