Red Hat Bugzilla – Bug 1428907
CVE-2017-6353 kernel: Possible double free in stcp_sendmsg() (incorrect fix for CVE-2017-5986)
Last modified: 2017-06-06 14:25:52 EDT
net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.
This vulnerability was introduced by CVE-2017-5986 fix (commit 2dcab5984841).
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1428910]
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2, as the problem code is not presented in the products listed.
kernel-4.9.13-101.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.