CVE-2017-6074
CVSS v3.1
7.8 (High)
CVSS v2.0
7.2 (High)
EPSS
0.04 % (0th)
Affected Products
2
Advisories
30
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
Weaknesses
- CWE-415
- Double Free
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2017-02-18 21:59:00
(7 years ago) - Updated Date
-
2023-02-10 00:53:37
(19 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...