Recently found vulnerability in Datagram Congestion Control Protocol (DCCP) implementation in Linux kernal allow process running as normal user able to get root access. This vulnerability dates back to 2005. Popular Linux distributions like RedHat, Debian, Ubuntu and SUSE have released newer kernal to address this vulnerability. Everyone should upgrade to latest Linux kernal to prevent this exploit.
You can find more about this vulnerability in RedHat issue tracker at
A use-after-free flaw was found in the way the Linux kernel’s Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
To update RedHat/CentOS/Fedora, run
For Debian/Ubuntu, run
sudo apt update && sudo apt upgrade
Since this is a kernal upgrade, you need to reboot your system.
If you can’t upgrade kernel for any reason, you can fix the vulnerability by disabling DCCP with
echo "install dccp /bin/true" >> /etc/modprobe.d/disable-dccp.conf reboot
You need to reboot system as DCCP can’t be unloaded once it is loaded.