Vulnerabilities

CVE-2017-6074

by Fred · 18/02/2017

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

Date published : 2017-02-18

http://www.securityfocus.com/bid/96310

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Similar

Tags: Cybersecurity Alert