CVE-2017-8824
- Source
- https://cve.org/CVERecord?id=CVE-2017-8824
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8824.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-8824
- Downstream
- Related
- Published
- 2017-12-05T09:29:00.367Z
- Modified
- 2026-03-12T22:41:14.804167Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The dccpdisconnect function in net/dccp/proto.c in the Linux kernel through 4.14.3 allows local users to gain privileges or cause a denial of service (use-after-free) via an AFUNSPEC connect system call during the DCCP_LISTEN state.
- References
-
- http://lists.openwall.net/netdev/2017/12/04/224
- http://www.securityfocus.com/bid/102056
- https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
- https://usn.ubuntu.com/3581-2/
- https://usn.ubuntu.com/3581-3/
- https://access.redhat.com/errata/RHSA-2018:1170
- https://www.debian.org/security/2018/dsa-4082
- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
- https://access.redhat.com/errata/RHSA-2018:0676
- https://access.redhat.com/errata/RHSA-2018:1130
- https://access.redhat.com/errata/RHSA-2018:1319
- https://access.redhat.com/errata/RHSA-2018:3822
- https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
- https://usn.ubuntu.com/3581-1/
- https://usn.ubuntu.com/3582-1/
- http://www.openwall.com/lists/oss-security/2017/12/05/1
- https://access.redhat.com/errata/RHSA-2018:0399
- https://access.redhat.com/errata/RHSA-2018:1062
- https://access.redhat.com/errata/RHSA-2018:1216
- https://usn.ubuntu.com/3582-2/
- https://usn.ubuntu.com/3583-1/
- https://usn.ubuntu.com/3583-2/
- https://www.debian.org/security/2017/dsa-4073
- https://www.exploit-db.com/exploits/43234/
Affected packages
Git /
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "2.6.14"
},
{
"fixed": "3.2.97"
}
]
},
{
"events": [
{
"introduced": "3.3"
},
{
"fixed": "3.16.52"
}
]
},
{
"events": [
{
"introduced": "3.17"
},
{
"fixed": "3.18.95"
}
]
},
{
"events": [
{
"introduced": "3.19"
},
{
"fixed": "4.1.50"
}
]
},
{
"events": [
{
"introduced": "4.2"
},
{
"fixed": "4.4.116"
}
]
},
{
"events": [
{
"introduced": "4.5"
},
{
"fixed": "4.9.82"
}
]
},
{
"events": [
{
"introduced": "4.10"
},
{
"fixed": "4.14.20"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8824.json"