[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2017-3520 -- Oracle kernel-uek_dtrace-modules

ID: oval:org.secpod.oval:def:1501775Date: (C)2017-02-27   (M)2024-01-29
Class: PATCHFamily: unix




The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

Platform:
Oracle Linux 6
Product:
kernel-uek
dtrace-modules 4.x
Reference:
ELSA-2017-3520
CVE-2017-6074
CVE    1
CVE-2017-6074
CPE    3
cpe:/a:dtrace-modules:dtrace-modules:4.x
cpe:/o:oracle:kernel-uek:4.x
cpe:/o:oracle:linux:6

© SecPod Technologies