CVE-2017-6074

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

CVSS v3.0 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4	Issue Tracking Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/22/3	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/96310	Third Party Advisory VDB Entry
https://source.android.com/security/bulletin/2017-07-01	Third Party Advisory
http://www.securitytracker.com/id/1037876	Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/41458/	Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/41457/	Third Party Advisory VDB Entry
https://www.tenable.com/security/tns-2017-07	Third Party Advisory
http://www.debian.org/security/2017/dsa-3791	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:1209	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:0932	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0501.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0403.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0366.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0365.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0347.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0346.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0345.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0324.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0323.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0316.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0295.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0294.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2017-0293.html	Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2017-02-18 13:59

Updated : 2023-02-09 16:53

NVD link : CVE-2017-6074

Mitre link : CVE-2017-6074

JSON object : View

CWE

CWE-415

Double Free

Products Affected

debian

debian_linux

linux

linux_kernel

7.8 /10