HostOnNet Blog

11-Year-Old Linux Kernel Privilege Escalation Vulnerability (CVE-2017-6074)

A recently found vulnerability in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel allows a process running as a normal user to get root access. The vulnerability dates back to 2005. Popular Linux distributions such as RedHat, Debian, Ubuntu and SUSE have released newer kernels to address it. Everyone should upgrade to the latest Linux kernel to prevent this exploit.

You can find more about this vulnerability in the RedHat issue tracker at

https://access.redhat.com/security/cve/CVE-2017-6074

A use-after-free flaw was found in the way the Linux kernel’s Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.

To update RedHat/CentOS/Fedora, run

yum update

For Debian/Ubuntu, run

sudo apt update && sudo apt upgrade

Since this is a kernel upgrade, you need to reboot your system.

reboot

If you can’t upgrade the kernel for any reason, you can mitigate the vulnerability by disabling DCCP. Run as root:

echo "install dccp /bin/true" >> /etc/modprobe.d/disable-dccp.conf
reboot

You need to reboot the system, as DCCP can’t be unloaded once it is loaded.
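
To confirm the workaround above has actually taken effect, the following added example (not part of the original post) checks whether a dccp module is already loaded and whether an "install dccp" override exists under /etc/modprobe.d. The function names and the three status words are assumptions of this example.

```shell
#!/bin/sh
# Added example: report whether the DCCP workaround is effective on this host.
# Function names and status words (loaded/blocked/loadable) are illustrative.

# dccp_loaded [FILE]: true if dccp or a dccp_* module is listed in a
# /proc/modules-style file.
dccp_loaded() {
    grep -Eqs '^dccp(_[a-z0-9]+)?[[:space:]]' "${1:-/proc/modules}"
}

# dccp_blocked [DIR]: true if an uncommented "install dccp /bin/true"
# (or /bin/false) override exists in any *.conf file under DIR.
dccp_blocked() {
    grep -Eqs \
        '^[[:space:]]*install[[:space:]]+dccp[[:space:]]+/bin/(true|false)([[:space:]]|$)' \
        "${1:-/etc/modprobe.d}"/*.conf
}

# dccp_status [MODULES_FILE] [MODPROBE_DIR]: prints exactly one word.
#   loaded   - module is in the running kernel; the override only helps after a reboot
#   blocked  - module not loaded and modprobe is told to run /bin/true instead
#   loadable - module not loaded, but nothing stops modprobe from loading it
dccp_status() {
    if dccp_loaded "${1:-/proc/modules}"; then
        echo loaded
    elif dccp_blocked "${2:-/etc/modprobe.d}"; then
        echo blocked
    else
        echo loadable
    fi
}

# Report the state of the current host.
case "$(dccp_status)" in
    loaded)   echo "dccp is loaded: add the override if missing, then reboot" ;;
    blocked)  echo "dccp is not loaded and the modprobe override is in place" ;;
    loadable) echo "dccp is not loaded, but no modprobe override was found" ;;
esac
```

Run it once before and once after the reboot; on an unpatched kernel only the "blocked" result means the workaround is active.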

