A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges.
Find out more about CVE-2017-8824 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7, Red Hat Enterprise MRG 2 and real-time kernels. Future updates for the respective releases may address this issue.
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 for ARM and Red Hat Enterprise Linux 7 for Power LE.
| CVSS3 Base Score | 7.8 |
|---|---|
| CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity Impact | High |
| Availability Impact | High |
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux 7 (kernel) | RHSA-2018:1062 | 2018-04-10 |
| Red Hat Enterprise Linux Server (v. 5 ELS) (kernel) | RHSA-2018:3822 | 2018-12-13 |
| Red Hat Enterprise Linux Extended Update Support 7.4 (kernel) | RHSA-2018:1130 | 2018-04-17 |
| Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) | RHSA-2018:0676 | 2018-04-10 |
| Red Hat Enterprise Linux Advanced Update Support 7.2 (kernel) | RHSA-2018:1216 | 2018-04-24 |
| Red Hat Enterprise Linux Extended Update Support 7.3 (kernel) | RHSA-2018:0399 | 2018-03-06 |
| Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) | RHSA-2018:1170 | 2018-04-17 |
| Red Hat Enterprise Linux Server TUS (v. 7.2) (kernel) | RHSA-2018:1216 | 2018-04-24 |
| Red Hat Enterprise Linux 6 (kernel) | RHSA-2018:1319 | 2018-05-08 |
| Red Hat Enterprise Linux Server Update Services for SAP Solutions 7.2 (kernel) | RHSA-2018:1216 | 2018-04-24 |
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 7 | kernel-alt | Not affected |
Vulmon