CVE-2017-6074

Priority
Description
The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel
through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the
LISTEN state, which allows local users to obtain root privileges or cause a
denial of service (double free) via an application that makes an
IPV6_RECVPKTINFO setsockopt system call.
Ubuntu-Description
Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administrative
privileges.
Mitigation
Blacklist the dccp ipv[46] autoloading aliases by
adding the following lines to /etc/modprobe.d/blacklist-dccp.conf:
alias net-pf-2-proto-0-type-6 off
alias net-pf-2-proto-33-type-6 off
alias net-pf-10-proto-0-type-6 off
alias net-pf-10-proto-33-type-6 off
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-123.166)
Ubuntu 14.04 ESM (Trusty Tahr):released (3.13.0-110.157)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-64.85)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-16.19)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-10.11)
Patches:
Introduced by
7c657876b63cb1d8a2ec06f8fc6c37bb8412e66c
Fixed by
5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1684.111])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1004.13)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.15.0-1023.24~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.15.0-1002.2)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-1004.4~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-9029.31)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.10.0-1004.4)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1003.3)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.8.0-39.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.8.0-39.42~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-11.12~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Product
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1004.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [end-of-life])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-110.157~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [out of standard support])
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-64.85~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.3)
Ubuntu 19.04 (Disco Dingo):not-affected (4.15.0-1021.24)
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was ignored [abandoned])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1044.51)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-1005.5)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1005.7)
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1048.52)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (4.10)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [3.2.0-1501.128])
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Product
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-12-05 18:49:24 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)