Local denial of service in Red Hat rhev-hypervisor
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-6074 |
| CWE-ID | CWE-399 |
| Exploitation vector | Local |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
Red Hat Virtualization Server applications / Virtualization software |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Resource management error
EUVDB-ID: #VU5869
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2017-6074
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to cause kernel panic.
The vulnerability exists due to invalid free in the dccp_rcv_state_process() function in net/dccp/input.c file in the Linux kernel through 4.9.11 when processing DCCP_PKT_REQUEST packet data structures in the LISTEN state. A local user can use userspace application to make an IPV6_RECVPKTINFO setsockopt system call and cause kernel panic.
Successful exploitation of this vulnerability may result in denial of service condition.
Install the following patches:
Red Hat Virtualization 7
| SRPM | |
|---|---|
| rhev-hypervisor7-7.3-20170425.0.el7ev.src.rpm | SHA-256: 6973648f6d19fedfc32050ac7cd567cc9037ce01406375a92f03f96dabfb069a |
| x86_64 | |
| rhev-hypervisor7-7.3-20170425.0.el7ev.noarch.rpm | SHA-256: a1f826d150fd2d960dba63f219b2274eb4a1df1fc812b66a3afc5250e747a89c |
Red Hat Virtualization 6
| SRPM | |
|---|---|
| rhev-hypervisor7-7.3-20170425.0.el6ev.src.rpm | SHA-256: bba110dcb5a179cd39ba91b7874617ecf62bfbedf9dd5a2492138dd6fefc2001 |
| x86_64 | |
| rhev-hypervisor7-7.3-20170425.0.el6ev.noarch.rpm | SHA-256: c03153d5d24b8667677351e12e534d7e261f136063eead211b37cc90a8ad71b9 |
Red Hat Virtualization: 6 - 7
CPE2.3 External links
http://access.redhat.com/errata/RHSA-2017:1209
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
