Oracle Linux 7 : ELSA-2017-0294-1: / kernel (ELSA-2017-02941)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-02941 advisory. - The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state,...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9487)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9487 advisory. - dccp: dont duplicate ccid when cloning dccp sock Lin, Zhenpeng Orabug: 33408808 CVE-2017-6074 CVE-2020-16119 CVE-2020-16119 - KVM: X86: MMU: Use...

Use-after-free

The kernel is vulnerable to use-after-free. Due to a flaw found in the tcprcvstateprocess function in the Linux kernel TCP/IP protocol suite implementation, if a system using IPv6 had the IPV6RECVPKTINFO option set on a listening socket, a remote attacker could send an IPv6 packet to that system,...

RancherOS < 0.8.1 Local Privilege Escalation

The remote host is running a version of RancherOS that is prior to v0.8.1, hence is vulnerable a to local privilege-escalation vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through...

Denial Of Service

The kernel packages is vulnerable to use-after-free flaw. Linux kernel's Datagram Congestion Control Protocol DCCP implementation has a flaw in freeing SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket, allowing a local user with little...

Denial Of Service (DoS)

The kernel-rt package is vulnerable to denial of serviceDoS. The attack exists because of a use-after-free flaw in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is s...

Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0294)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1057)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer...

kernel security, bug fix, and enhancement update

2.6.32-696.OL6 - Update genkey bug 25599697 2.6.32-696 - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424628 CVE-2017-6074 2.6.32-695 - block nvme: Dont poll device being removed David Milburn 1422521 2.6.32-694 - fs posixacl: Clear SGID bit when setting file...

Important kernel security update: Virtuozzo ReadyKernel patch 14.0 for kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.36.1.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.36.1.vz7.20.18 (Virtuozzo 7.0.3)

The cumulative Virtuozzo ReadyKernel patch updated with security fixes. The patch applies to Virtuozzo versions 7.0.0, 7.0.1, and 7.0.3. Vulnerability id: CVE-2017-6074 A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.16.4 - dccp: fix freeing skb too early for IPV6RECVPKTINFO Andrey Konovalov CVE-2017-6074...

Oracle Linux 6 : kernel (ELSA-2017-0307)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0307 advisory. - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424626 1424628 CVE-2017-6074 - net sctp: validate chunk len before...

Unbreakable Enterprise kernel security update

2.6.39-400.294.3 - dccp: fix freeing skb too early for IPV6RECVPKTINFO Andrey Konovalov Orabug: 25598277 CVE-2017-6074...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-61.1.28 - dccp: fix freeing skb too early for IPV6RECVPKTINFO Andrey Konovalov Orabug: 25598257 CVE-2017-6074...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2017:0294 An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2017:0293 An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CVE-2017-6074

The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service double free via an application that makes an IPV6RECVPKTINF...

RHEL 6 : kernel (RHSA-2017:0293)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...