ELSA-2017-0323 -- Oracle kernel_oracleasm_ocfs2ID: oval:org.secpod.oval:def:1501781 | Date: (C)2017-02-27 (M)2024-05-22 |
Class: PATCH | Family: unix |
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
Product: |
kernel |
oracleasm |
oracleasm_pae |
oracleasm_xen |
oracleasm_debug |
ocfs2 |
ocfs2_pae |
ocfs2_xen |
ocfs2_debug |