CVE-2017-6074
published 2017-02-18CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN…
PriorityP350high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
5.96%
92.4th percentile
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 4.9.13-1 (bookworm) | linux 4.9.13-1 (bookworm) |
| android | — | — | |
| linux | linux_kernel | < 3.2.86 | 3.2.86 |
| linux | linux_kernel | >= 0 < 4.9.13-1 | 4.9.13-1 |
| linux | linux_kernel | >= 0 < 4.9.13-1 | 4.9.13-1 |
| linux | linux_kernel | >= 0 < 4.9.13-1 | 4.9.13-1 |
| linux | linux_kernel | >= 0 < 4.9.13-1 | 4.9.13-1 |
| linux | linux_kernel | >= 0 < 3.13.0-110.157 | 3.13.0-110.157 |
| linux | linux_kernel | >= 0 < 4.4.0-64.85 | 4.4.0-64.85 |
| linux | linux_kernel | >= 3.11 < 3.12.71 | 3.12.71 |
| linux | linux_kernel | >= 3.13 < 3.16.41 | 3.16.41 |
| linux | linux_kernel | >= 3.17 < 3.18.49 | 3.18.49 |
| linux | linux_kernel | >= 3.19 < 4.1.41 | 4.1.41 |
| linux | linux_kernel | >= 3.3 < 3.10.106 | 3.10.106 |
| linux | linux_kernel | >= 4.2 < 4.4.52 | 4.4.52 |
| linux | linux_kernel | >= 4.5 < 4.9.13 | 4.9.13 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2gwg-mmmc-55j4: The dccp_rcv_state_process function in net/dccp/input
ghsa_unreviewed·2022-05-14
CVE-2017-6074 [HIGH] CWE-415 GHSA-2gwg-mmmc-55j4: The dccp_rcv_state_process function in net/dccp/input
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
Kernel
dccp: don't duplicate ccid when cloning dccp sock
kernel_security·2021-09-08·CVSS 7.8
CVE-2017-6074 [HIGH] dccp: don't duplicate ccid when cloning dccp sock
dccp: don't duplicate ccid when cloning dccp sock
Commit 2677d2067731 ("dccp: don't free ccid2_hc_tx_sock ...") fixed
a UAF but reintroduced CVE-2017-6074.
When the sock is cloned, two dccps_hc_tx_ccid will reference to the
same ccid. So one can free the ccid object twice from two socks after
cloning.
This issue was found by "Hadar Manor" as well and assigned with
CVE-2020-16119, which was fixed in Ubuntu's kernel. So here I port
the patch from Ubuntu to fix it.
The patch prevents cloned socks from referencing the same ccid.
Fixes: 2677d2067731410 ("dccp: don't free ccid2_hc_tx_sock ...")
Signed-off-by: Zhenpeng Lin
Signed-off-by: David S. Miller
OSV
linux, linux-snapdragon vulnerabilities
osv·2017-02-22·CVSS 7.0
CVE-2016-10088 [HIGH] linux, linux-snapdragon vulnerabilities
linux, linux-snapdragon vulnerabilities
It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)
CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of service (system hang).
(CVE-2016-9191)
Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of service (guest OS crash).
(CVE-2016-9588)
Andy Lutomirsk
OSV
linux-lts-xenial vulnerabilities
osv·2017-02-22·CVSS 7.0
[HIGH] linux-lts-xenial vulnerabilities
linux-lts-xenial vulnerabilities
USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)
CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of service (system hang).
(CVE-2016-9191)
Jim Mattson discovered that the KVM impl
OSV
linux vulnerabilities
osv·2017-02-22·CVSS 7.8
CVE-2016-7910 [HIGH] linux vulnerabilities
linux vulnerabilities
It was discovered that a use-after-free vulnerability existed in the block
device layer of the Linux kernel. A local attacker could use this to cause
a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2016-7910)
Dmitry Vyukov discovered a use-after-free vulnerability in the
sys_ioprio_get() function in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2016-7911)
Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2017-6074)
OSV
CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input
osv·2017-02-18·CVSS 7.8
CVE-2017-6074 [HIGH] CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
Android
CVE-2017-6074: Networking subsystem
vendor_android·2017-07-01·CVSS 7.8
CVE-2017-6074 [HIGH] CVE-2017-6074: Networking subsystem
Android Security Bulletin 2017-07-01
CVE: CVE-2017-6074
Severity: HIGH
Type: EoP
Component: Networking subsystem
References: A-35784697
Upstream
kernel
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-02-22·CVSS 7.8
CVE-2016-7910 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
It was discovered that a use-after-free vulnerability existed in the block
device layer of the Linux kernel. A local attacker could use this to cause
a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2016-7910)
Dmitry Vyukov discovered a use-after-free vulnerability in the
sys_ioprio_get() function in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2016-7911)
Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administra
Red Hat
kernel: use after free in dccp protocol
vendor_redhat·2017-02-22·CVSS 7.8
CVE-2017-6074 [HIGH] CWE-416 kernel: use after free in dccp protocol
kernel: use after free in dccp protocol
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
Statement: This issue affects Red Hat Enterprise Li
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities
vendor_ubuntu·2017-02-22·CVSS 7.8
CVE-2016-7910 [HIGH] Linux kernel (Trusty HWE) vulnerabilities
Title: Linux kernel (Trusty HWE) vulnerabilities
Summary: Several security issues were fixed in the kernel.
USN-3207-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 LTS.
It was discovered that a use-after-free vulnerability existed in the block
device layer of the Linux kernel. A local attacker could use this to cause
a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2016-7910)
Dmitry Vyukov discovered a use-after-free vulnerability in the
sys_ioprio_get() function in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly gain
administrative privileges.
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities
vendor_ubuntu·2017-02-22·CVSS 7.0
CVE-2016-10088 [HIGH] Linux kernel (Xenial HWE) vulnerabilities
Title: Linux kernel (Xenial HWE) vulnerabilities
Summary: Several security issues were fixed in the kernel.
USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)
CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of serv
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-02-22·CVSS 7.0
CVE-2016-10088 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)
CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of service (system hang).
(CVE-2016-9191)
Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of s
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-02-22·CVSS 7.0
CVE-2016-10088 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)
Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of service (guest OS crash).
(CVE-2016-9588)
Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-02-22·CVSS 7.8
CVE-2016-7910 [HIGH] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
It was discovered that a use-after-free vulnerability existed in the block
device layer of the Linux kernel. A local attacker could use this to cause
a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2016-7910)
Dmitry Vyukov discovered a use-after-free vulnerability in the
sys_ioprio_get() function in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2016-7911)
Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administra
Debian
CVE-2017-6074: linux - The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel thro...
vendor_debian·2017·CVSS 7.8
CVE-2017-6074 [HIGH] CVE-2017-6074: linux - The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel thro...
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.
Scope: local
bookworm: resolved (fixed in 4.9.13-1)
bullseye: resolved (fixed in 4.9.13-1)
forky: resolved (fixed in 4.9.13-1)
sid: resolved (fixed in 4.9.13-1)
trixie: resolved (fixed in 4.9.13-1)
No detection rules found.
Exploit-DB
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)
exploitdb·2017-02-26·CVSS 7.8
CVE-2017-6074 [HIGH] Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)
---
//
// EDB Note: More information ~ http://seclists.org/oss-sec/2017/q1/471
//
// A trigger for CVE-2017-6074, crashes kernel.
// Tested on 4.4.0-62-generic #83-Ubuntu kernel.
// https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074
//
// Andrey Konovalov
#define _GNU_SOURCE
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
int main() {
struct sockaddr_in6 sa1;
sa1.sin6_family = AF_INET6;
sa1.sin6_port = htons(20002);
inet_pton(AF_INET6, "::1", &sa1.sin6_addr);
sa1.sin6_flowinfo = 0;
sa1.sin6_scope_id = 0;
int optval = 8;
int s1 = socket(PF_INET6, SOCK_DCCP, IPPROTO_IP);
bind(s1, &sa1, 0x20);
listen(s1, 0x9);
setsockop
Exploit-DB
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation
exploitdb·2017-02-26·CVSS 7.8
CVE-2017-6074 [HIGH] Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation
---
//
// EDB Note: More information ~ http://seclists.org/oss-sec/2017/q1/471
//
// A proof-of-concept local root exploit for CVE-2017-6074.
// Includes a semireliable SMAP/SMEP bypass.
// Tested on 4.4.0-62-generic #83-Ubuntu kernel.
// https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074
//
// Usage:
// $ gcc poc.c -o pwn
// $ ./pwn
// [.] namespace sandbox setup successfully
// [.] disabling SMEP & SMAP
// [.] scheduling 0xffffffff81064550(0x406e0)
// [.] waiting for the timer to execute
// [.] done
// [.] SMEP & SMAP should be off now
// [.] getting root
// [.] executing 0x402043
// [.] done
// [.] should be root now
// [.] checking if we got root
// [+] got r00t ^_^
// [!] don't kill the exploit binar
HackerOne
Linux kernel: CVE-2017-6074: DCCP double-free vulnerability
hackerone·2019-08-27·CVSS 7.8
CVE-2017-6074 [HIGH] Linux kernel: CVE-2017-6074: DCCP double-free vulnerability
Linux kernel: CVE-2017-6074: DCCP double-free vulnerability
Hi!
CVE-2017-6074 [1] is a double-free vulnerability I found in the Linux kernel. It can be exploited to gain
kernel code execution from an unprivileged processes. The kernel needs to be built with CONFIG_IP_DCCP for the vulnerability to be present. A lot of modern distributions enable this option by default.
Fixed on Feb 17, 2017 [2]. The oldest version that I checked is 2.6.18 (Sep 2006), which is vulnerable. However, the bug was introduced before that, probably in the first release with DCCP support (2.6.14, Oct 2005).
I initially reported this vulnerability to [email protected] following the coordinated disclosure process. The timeline and more details about the vulnerability can be found in my announcement on oss-securi
Bugzilla
CVE-2017-6074 kernel: use after free in dccp protocol [fedora-all]
bugzilla·2017-02-22·CVSS 7.8
CVE-2017-6074 [HIGH] CVE-2017-6074 kernel: use after free in dccp protocol [fedora-all]
CVE-2017-6074 kernel: use after free in dccp protocol [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. Whi
Bugzilla
CVE-2017-6074 kernel: use after free in dccp protocol
bugzilla·2017-02-17·CVSS 7.8
CVE-2017-6074 [HIGH] CVE-2017-6074 kernel: use after free in dccp protocol
CVE-2017-6074 kernel: use after free in dccp protocol
A flaw was found in the linux kernels implementation of DCCP protocol in which a local user could create influence timing in which a skbuff could be used after it had been freed by the kernel. An attacker is able to craft structures allocated in this free memory will be able to create memory corruption, privilege escalation or crash the system. An attacker must have a local account access on the system, this is not a remote attack. An attack requires IPV6 support to be enabled in the system.
Initial message:
https://groups.google.com/forum/#!topic/syzkaller/_vGUxJLcdKY
Proposed patch:
https://patchwork.ozlabs.org/patch/728808/
Discussion:
Mitigation:
Recent versions of the SELinux policy can mitigate this flaw. The steps below w
arXiv
Threat Modeling and Security Analysis of Containers: A Survey
arxiv_fulltext·2021-11-22
Threat Modeling and Security Analysis of Containers: A Survey
Threat Modeling and Security Analysis of Containers: A Survey
Ann Yi Wong1 Eyasu Getahun Chekole1 Mart\'in Ochoa2 Jianying Zhou1
Singapore University of Technology and Design, Singapore 487372, Singapore
[email protected], \eyasu_chekole, jianying_zhou\@sutd.edu.sg
Department of Computer Science, ETH Zurich, 8092 Zurich, Switzerland
[email protected]
## Abstract
Traditionally, applications that are used in large and small enterprises were deployed on ``bare metal'' servers installed with operating systems. Recently, the use of multiple virtual machines (VMs) on the same physical server was adopted due to cost reduction and flexibility. Nowadays, containers have become popular for application deployment due to smaller footprints than the VMs, their ability to start
arXiv
Lic-Sec: an enhanced AppArmor Docker security profile generator
arxiv_fulltext·2020-09-24
Lic-Sec: an enhanced AppArmor Docker security profile generator
frontmatter
5pt
- 0ex
0cm
0em
Lic-Sec: an enhanced AppArmor Docker security profile generator
[1]Hui Zhu
[email protected]
[1]Christian Gehrmann
[email protected]
[1]Department of Electrical and Information Technology, Lund University, Lund, Sweden
## Abstract
Along with the rapid development of cloud computing technology, containerization technology has drawn much attention from both industry and academia. In this paper, we perform a comparative measurement analysis of Docker-sec, which is a Linux Security Module proposed in 2018, and a new AppArmor profile generator called Lic-Sec, which combines Docker-sec with a modified version of LiCShield, which is also a Linux Security Module proposed in 2015. Docker-sec and LiCShield can be used to enhance Docker container sec
Tenable
[R6] Tenable Appliance 4.5.0 Fixes Multiple Vulnerabilities
blogs_tenable·2017-03-07
[R6] Tenable Appliance 4.5.0 Fixes Multiple Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
http://rhn.redhat.com/errata/RHSA-2017-0293.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0294.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0295.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0316.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0323.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0324.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0345.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0346.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0347.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0365.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0366.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0403.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0501.htmlhttp://www.debian.org/security/2017/dsa-3791http://www.openwall.com/lists/oss-security/2017/02/22/3http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.securityfocus.com/bid/96310http://www.securitytracker.com/id/1037876https://access.redhat.com/errata/RHSA-2017:0932https://access.redhat.com/errata/RHSA-2017:1209https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4https://source.android.com/security/bulletin/2017-07-01https://www.exploit-db.com/exploits/41457/https://www.exploit-db.com/exploits/41458/https://www.tenable.com/security/tns-2017-07http://rhn.redhat.com/errata/RHSA-2017-0293.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0294.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0295.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0316.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0323.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0324.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0345.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0346.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0347.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0365.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0366.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0403.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0501.htmlhttp://www.debian.org/security/2017/dsa-3791http://www.openwall.com/lists/oss-security/2017/02/22/3http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.securityfocus.com/bid/96310http://www.securitytracker.com/id/1037876https://access.redhat.com/errata/RHSA-2017:0932https://access.redhat.com/errata/RHSA-2017:1209https://github.com/torvalds/linux/commit/5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4https://source.android.com/security/bulletin/2017-07-01https://www.exploit-db.com/exploits/41457/https://www.exploit-db.com/exploits/41458/https://www.tenable.com/security/tns-2017-07
2017-02-18
Published