Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-3521

Опубликовано: 24 фев. 2017
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2017-3521: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.16.4]

  • dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Andrey Konovalov) {CVE-2017-6074}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.16.4.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.16.4.el6uek

kernel-uek-debug

3.8.13-118.16.4.el6uek

kernel-uek-debug-devel

3.8.13-118.16.4.el6uek

kernel-uek-devel

3.8.13-118.16.4.el6uek

kernel-uek-doc

3.8.13-118.16.4.el6uek

kernel-uek-firmware

3.8.13-118.16.4.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.16.4.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.16.4.el7uek

kernel-uek-debug

3.8.13-118.16.4.el7uek

kernel-uek-debug-devel

3.8.13-118.16.4.el7uek

kernel-uek-devel

3.8.13-118.16.4.el7uek

kernel-uek-doc

3.8.13-118.16.4.el7uek

kernel-uek-firmware

3.8.13-118.16.4.el7uek

Связанные CVE

CVE-2017-6074

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2017-6074

CVSS3: 7.8
ubuntu
больше 8 лет назад

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

redhat логотип

CVE-2017-6074

CVSS3: 7.8
redhat
больше 8 лет назад

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

nvd логотип

CVE-2017-6074

CVSS3: 7.8
nvd
больше 8 лет назад

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

debian логотип

CVE-2017-6074

CVSS3: 7.8
debian
больше 8 лет назад

The dccp_rcv_state_process function in net/dccp/input.c in the Linux k ...

github логотип

GHSA-2gwg-mmmc-55j4

CVSS3: 7.8
github
больше 3 лет назад

The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.