From https://bugzilla.redhat.com/show_bug.cgi?id=892983 :

A security flaw was found in the way "/dev/ptmx", a character device used to create a pseudo-terminal master (PTM) and slave (PTS) pair, of the Linux kernel, used to transmit data through the PTM when a keystroke was pressed. An unprivileged, local user could use this flaw to determine inter-keystroke timing (measure latency between keystrokes), possibly allowing them to determine the effective length of a password being typed in.

References:
[1] http://vladz.devzero.fr/013_ptmx-timing.php
[2] http://users.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf
[3] http://www.openwall.com/lists/oss-security/2013/01/07/5
[4] https://bugzilla.novell.com/show_bug.cgi?id=797175

Reproducers:
[5] http://vladz.devzero.fr/svn/codes/PoC/ptmx-keystroke-latency.c (to display latency between keystrokes)
[6] http://vladz.devzero.fr/svn/codes/PoC/ptmx-su-pwdlen.sh (to determine password length)

There are no longer any 2.x or <=3.7.9 kernels available in the repository, with the exception of sys-kernel/xbox-sources, which is unsupported by security.