DCCP Linux Kernel local privilege escalation vulnerability (CVE-2017-6074)

A vulnerability has been found in the DCCP Linux kernel module which allows a local, unprivileged user to escalate privileges on a Linux system. DCCP is used to manage network traffic congestion in the application layer.

This issue affects Red Hat and CentOS releases 5, 6, and 7, as well as other Linux distributions. You should update your Kernel as soon as possible.

To mitigate without a Kernel upgrade, run the following command and reboot your system:

echo "install dccp /bin/true" >> /etc/modprobe.d/disable-dccp.conf

This will disable the DCCP module from loading on boot.

More information can be found here¬†on Red Hat’s website.

This entry was posted in CentOS, Linux, RedHat. Bookmark the permalink.

Comments are closed.