Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2017-6074

UNKNOWN
Published 2017-02-18T21:40:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-6074. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-2gwg-mmmc-55j4

Advisory Details

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-6074
WEB https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4
WEB https://access.redhat.com/errata/RHSA-2017:0932
WEB https://access.redhat.com/errata/RHSA-2017:1209
WEB https://source.android.com/security/bulletin/2017-07-01
WEB https://www.exploit-db.com/exploits/41457
WEB https://www.exploit-db.com/exploits/41458
WEB https://www.tenable.com/security/tns-2017-07
WEB http://rhn.redhat.com/errata/RHSA-2017-0293.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0294.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0295.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0316.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0323.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0324.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0345.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0346.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0347.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0365.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0366.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0403.html
WEB http://rhn.redhat.com/errata/RHSA-2017-0501.html
WEB http://www.debian.org/security/2017/dsa-3791
WEB http://www.openwall.com/lists/oss-security/2017/02/22/3
WEB http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
WEB http://www.securityfocus.com/bid/96310
WEB http://www.securitytracker.com/id/1037876

Advisory provided by GitHub Security Advisory Database. Published: May 14, 2022, Modified: April 20, 2025

References

http://rhn.redhat.com/errata/RHSA-2017-0323.html
http://rhn.redhat.com/errata/RHSA-2017-0324.html
http://rhn.redhat.com/errata/RHSA-2017-0365.html
http://rhn.redhat.com/errata/RHSA-2017-0347.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
https://access.redhat.com/errata/RHSA-2017:1209
http://www.openwall.com/lists/oss-security/2017/02/22/3
http://rhn.redhat.com/errata/RHSA-2017-0501.html
https://source.android.com/security/bulletin/2017-07-01
https://access.redhat.com/errata/RHSA-2017:0932
http://www.securitytracker.com/id/1037876
http://rhn.redhat.com/errata/RHSA-2017-0316.html
http://rhn.redhat.com/errata/RHSA-2017-0294.html
http://rhn.redhat.com/errata/RHSA-2017-0295.html
http://rhn.redhat.com/errata/RHSA-2017-0366.html
http://rhn.redhat.com/errata/RHSA-2017-0346.html
https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4
http://rhn.redhat.com/errata/RHSA-2017-0403.html
http://www.debian.org/security/2017/dsa-3791
http://rhn.redhat.com/errata/RHSA-2017-0293.html
https://www.tenable.com/security/tns-2017-07
http://www.securityfocus.com/bid/96310
https://www.exploit-db.com/exploits/41457/
https://www.exploit-db.com/exploits/41458/
http://rhn.redhat.com/errata/RHSA-2017-0345.html

HackerOne Reports

Linux kernel: CVE-2017-6074: DCCP double-free vulnerability High
xairy
Internet Bug Bounty
Double Free
View Report
Published: 2017-02-18T21:40:00
Last Modified: 2024-08-05T15:18:49.675Z
Copied to clipboard!