[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2017-3521 -- Oracle kernel-uek_dtrace-modules

ID: oval:org.secpod.oval:def:1501782Date: (C)2017-02-27   (M)2024-01-29
Class: PATCHFamily: unix




The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

Platform:
Oracle Linux 6
Product:
kernel-uek
dtrace-modules 3.x
Reference:
ELSA-2017-3521
CVE-2017-6074
CVE    1
CVE-2017-6074
CPE    3
cpe:/o:oracle:kernel-uek:3.x
cpe:/o:oracle:linux:6
cpe:/a:dtrace-modules:dtrace-modules:3.x

© SecPod Technologies