Reply to post: Re: Eleven year old security bug

Linux kernel gets patch for 11-year-old local-root-hole security bug

Wensleydale Cheese

Re: Eleven year old security bug

2017-02-23 Security update for Linux kernel containing this patch (and others) arrives for latest stable version of openSUSE:

• CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to cause a denial of service (invalid free) or possibly have unspecified other impact via an application that makes an IPV6_RECVPKTINFO setsockopt system call. (bsc#1026024).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2021