594
edits
Changes
042stab126.2
== Changes ==
Since {{kernel link|rhel6|042stab126.1}}:
* [Important] dccp_disconnect() set the socket state to DCCP_CLOSED but did not properly free some of the resources associated with that socket. This could result in a use-after-free and could potentially allow an attacker to escalate their privileges. (CVE-2017-8824)
* [Important] The Linux kernel is vulnerable to a use-after-free issue. It could occur while closing a xfrm netlink socket, in xfrm_dump_policy_done. A user/process could use this flaw to potentially escalate their privileges on a system. (CVE-2017-16939)
=== See also ===
* {{CVE|2017-8824}}
* {{CVE|2017-16939}}
Since {{kernel link|rhel6|042stab126.1}}:
* [Important] dccp_disconnect() set the socket state to DCCP_CLOSED but did not properly free some of the resources associated with that socket. This could result in a use-after-free and could potentially allow an attacker to escalate their privileges. (CVE-2017-8824)
* [Important] The Linux kernel is vulnerable to a use-after-free issue. It could occur while closing a xfrm netlink socket, in xfrm_dump_policy_done. A user/process could use this flaw to potentially escalate their privileges on a system. (CVE-2017-16939)
=== See also ===
* {{CVE|2017-8824}}
* {{CVE|2017-16939}}