CVE-2014-0196: Kernel security issue

by Michael Tremer, May 13, 2014

Do you like what you are reading? Subscribe to our newsletter and don't miss out on the latest...   Join Now

Since yesterday, you will find the news about a kernel security issue on the front page of several tech magazine pages like heise.de that there is an exploit for a kernel security issue in the TTY code.

The issue is handled under the name CVE-2014-0196 and almost all Linux distributions are vulnerable. The exploit that is currently passed around on the Internet only works for 64 bit systems, but the issue does not seem to be limited to 64 bit systems.

IPFire 2.13 is still vulnerable to this issue and therefore, we urge you to update to IPFire 2.15. The kernel that comes with that is basically vulnerable, but grsecurity is protecting us against that this issue is exploitable on IPFire. So, please install the update.