Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-9143

kernel update [RHEL7.3 3.10.0-514.6.2.el7]

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • None
    • None
    • None
    • 3
    • 9223372036854775807

      Security Fix(es):

      • A use-after-free flaw was found in the way the Linux kernel's Datagram
        Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer)
        resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set
        on the socket. A local, unprivileged user could use this flaw to alter the
        kernel memory, allowing them to escalate their privileges on the system.
        (CVE-2017-6074, Important)

      Bugs fixed (https://bugzilla.redhat.com/):

      1423071 - CVE-2017-6074 kernel: use after free in dccp protocol

            bogl Bob Glossman (Inactive)
            bogl Bob Glossman (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: