PT-2017-2357 · Linux+5 · Linux Kernel+5
Andrey Konovalov
·
Publicado
2017-02-17
·
Atualizado
2025-09-29
·
CVE-2017-6074
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 4.9.11
Description
The issue is related to the dccp rcv state process function in the Linux kernel, which mishandles DCCP PKT REQUEST packet data structures in the LISTEN state. This can be exploited by a local user to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6 RECVPKTINFO setsockopt system call. The exploitation is due to the use of memory after it has been freed.
Recommendations
For Linux kernel versions prior to 4.9.11, update to version 4.9.11 or later to resolve the issue. As a temporary workaround, consider restricting the use of the dccp rcv state process function or the IPV6 RECVPKTINFO setsockopt system call to minimize the risk of exploitation.
Exploit
Correção
DoS
Double Free
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu