Описание
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges.
Отчет
This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7, Red Hat Enterprise MRG 2 and real-time kernels. Future updates for the respective releases may address this issue. This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 for ARM and Red Hat Enterprise Linux 7 for Power LE.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | kernel-alt | Not affected | ||
| Red Hat Enterprise Linux 5 Extended Lifecycle Support | kernel | Fixed | RHSA-2018:3822 | 13.12.2018 |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2018:1319 | 08.05.2018 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2018:0676 | 10.04.2018 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2018:1062 | 10.04.2018 |
| Red Hat Enterprise Linux 7.2 Advanced Update Support | kernel | Fixed | RHSA-2018:1216 | 24.04.2018 |
| Red Hat Enterprise Linux 7.2 Telco Extended Update Support | kernel | Fixed | RHSA-2018:1216 | 24.04.2018 |
| Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions | kernel | Fixed | RHSA-2018:1216 | 24.04.2018 |
| Red Hat Enterprise Linux 7.3 Extended Update Support | kernel | Fixed | RHSA-2018:0399 | 06.03.2018 |
| Red Hat Enterprise Linux 7.4 Extended Update Support | kernel | Fixed | RHSA-2018:1130 | 17.04.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel t ...
The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN state.
Уязвимость функции dccp_disconnect (net/dccp/proto.c) ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
EPSS
7.8 High
CVSS3