|
|
Subscribe / Log in / New account

kernel: privilege escalation

Package(s):kernel CVE #(s):CVE-2017-6074
Created:February 22, 2017 Updated:February 22, 2017
Description: From the CVE entry:

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

Alerts:
Ubuntu USN-3208-2 linux-lts-xenial 2017-02-22
Ubuntu USN-3207-2 linux-lts-trusty 2017-02-22
Ubuntu USN-3206-1 linux, linux-ti-omap4 2017-02-22
Ubuntu USN-3208-1 linux, linux-snapdragon 2017-02-22
Ubuntu USN-3209-1 linux, linux-raspi2 2017-02-22
Ubuntu USN-3207-1 kernel 2017-02-22
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds