3 matches found
CVE-2017-8824
CVE-2017-8824 affects the Linux kernel DCCP implementation. The bug is a use-after-free in dccp_disconnect (net/dccp/proto.c) that can be triggered by an AF_UNSPEC connect while in the DCCP_LISTEN state, allowing a local user to escalate privileges or cause a denial of service. Public advisories ...
Linux Kernel DCCP多个本地信息泄露漏洞
Linux是一款开放源代码的操作系统。 Linux针对DCCP支持存在多个问题,本地攻击者可以利用漏洞访问敏感信息。 问题存在于net/dccp/proto.c文件中的dodccpgetsockopt函数: ----------------------- static int dodccpgetsockoptstruct sock sk, int level, int optname, char user optval, int user optlen ... if getuserlen, optlen return -EFAULT; if len sizeofint return...
[Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability
Linux Kernel DCCP Memory Disclosure Vulnerability Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kernel memory. Vulnerable Systems: Linux Kernel Versions: = 2.6.20 with DCCP support enabled. Kernel versions 2.6.20 lack...