CVE-2004-0814

Publication date 23 December 2004

Last updated 24 July 2024

Ubuntu priority

Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
kernel-image-2.4.27-i386	7.04 feisty	Not in release
	6.10 edgy	Fixed 2.4.27-12
	6.06 LTS dapper	Fixed 2.4.27-12
kernel-source-2.4.27	7.04 feisty	Not in release
	6.10 edgy	Fixed 2.4.27-12
	6.06 LTS dapper	Fixed 2.4.27-12

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-38-1
Linux kernel vulnerabilities
15 December 2004

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0814