cbcvebase.
CVE-2017-6074
published 2017-02-18

CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN…

PriorityP350high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
5.96%
92.4th percentile
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

Affected

17 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debianlinux< linux 4.9.13-1 (bookworm)linux 4.9.13-1 (bookworm)
googleandroid
linuxlinux_kernel< 3.2.863.2.86
linuxlinux_kernel>= 0 < 4.9.13-14.9.13-1
linuxlinux_kernel>= 0 < 4.9.13-14.9.13-1
linuxlinux_kernel>= 0 < 4.9.13-14.9.13-1
linuxlinux_kernel>= 0 < 4.9.13-14.9.13-1
linuxlinux_kernel>= 0 < 3.13.0-110.1573.13.0-110.157
linuxlinux_kernel>= 0 < 4.4.0-64.854.4.0-64.85
linuxlinux_kernel>= 3.11 < 3.12.713.12.71
linuxlinux_kernel>= 3.13 < 3.16.413.16.41
linuxlinux_kernel>= 3.17 < 3.18.493.18.49
linuxlinux_kernel>= 3.19 < 4.1.414.1.41
linuxlinux_kernel>= 3.3 < 3.10.1063.10.106
linuxlinux_kernel>= 4.2 < 4.4.524.4.52
linuxlinux_kernel>= 4.5 < 4.9.134.9.13

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.