cpe:/o:linux:linux_kernel:4.9.11 CVE-2017-6074 2017-02-18T16:59:00.237-05:00 2018-07-18T21:29:07.700-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SECTRACK 1037876 EXPLOIT-DB 41457 EXPLOIT-DB 41458 BID 96310 DEBIAN DSA-3791 REDHAT RHSA-2017:0293 REDHAT RHSA-2017:0294 REDHAT RHSA-2017:0295 REDHAT RHSA-2017:0316 REDHAT RHSA-2017:0323 REDHAT RHSA-2017:0324 REDHAT RHSA-2017:0345 REDHAT RHSA-2017:0346 REDHAT RHSA-2017:0347 REDHAT RHSA-2017:0365 REDHAT RHSA-2017:0366 REDHAT RHSA-2017:0403 REDHAT RHSA-2017:0501 REDHAT RHSA-2017:0932 REDHAT RHSA-2017:1209 MLIST [oss-security] 20170222 Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root) CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html CONFIRM https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4 CONFIRM https://source.android.com/security/bulletin/2017-07-01 CONFIRM https://www.tenable.com/security/tns-2017-07 The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.