Michael Tremer

CVE-2014-0196: Kernel security issue
by Michael Tremer, May 13, 2014

Since yesterday, you will find the news about a kernel security issue on the front page of several tech magazine pages like heise.de that there is an exploit for a kernel security issue in the TTY code.

The issue is handled under the name CVE-2014-0196 and almost all Linux distributions are vulnerable. The exploit that is currently passed around on the Internet only works for 64 bit systems, but the issue does not seem to be limited to 64 bit systems.

IPFire 2.13 is still vulnerable to this issue and therefore, we urge you to update to IPFire 2.15. The kernel that comes with that is basically vulnerable, but grsecurity is protecting us against that this issue is exploitable on IPFire. So, please install the update.


Posted: May 13, 2014 • 657 views