PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-6074 Linux CVE debrief

CVE-2017-6074 is a Linux kernel vulnerability in DCCP receive-state processing: dccp_rcv_state_process() mishandles the socket buffer of a DCCP_PKT_REQUEST packet while the socket is in the LISTEN state. The flaw is a double free, which the NVD describes as enabling local privilege escalation to root or a denial of service. Exploitation needs only an unprivileged local account on a kernel that has DCCP support built in or loadable as a module, so the risk is highest on shared, multi-user Linux systems and on hosts that run untrusted local workloads.

Vendor
Linux
Product
Linux kernel
CVSS
HIGH 7.8
CISA KEV
Not listed (per the stored evidence)
Original CVE published
2017-02-18
Original CVE updated
2026-05-13
Advisory published
2017-02-18
Advisory updated
2026-05-13

Who should care

Linux kernel maintainers, distribution security teams, server and desktop administrators, and anyone responsible for systems where local users can run code on affected kernels.

Technical summary

The NVD record describes a flaw in dccp_rcv_state_process() in net/dccp/input.c. In the LISTEN state, the data structures for a DCCP_PKT_REQUEST packet are mishandled, leading to a double free (CWE-415). The CVE description says a local user can trigger the issue via an application that makes an IPV6_RECVPKTINFO setsockopt system call. The reason that option matters: when IPV6_RECVPKTINFO is set on the listening socket, the IPv6 connection-request handler keeps a reference to the incoming skb (it is saved in the request socket so the packet information can later be delivered as ancillary data), yet dccp_rcv_state_process() went on to free the same skb unconditionally with __kfree_skb() once the request had been handled. The upstream fix replaces that forced free with consume_skb(), which honours the reference count, so the buffer is released only when its last user drops it. NVD's CPE criteria list vulnerable Linux kernel branches across the 3.x and 4.x series, and also identify Debian Linux 8.0 as affected.

Defensive priority

High. The issue is local-only, but it can yield root privileges or crash the system, so affected kernels should be patched promptly. Two caveats for prioritisation: a kernel built without CONFIG_IP_DCCP is not exposed at all, and where DCCP is a loadable module that nothing legitimate uses, preventing the module from loading removes the attack surface until the kernel update is applied.

Recommended defensive actions

  • Identify affected kernel versions in your fleet using vendor advisories and package inventories.
  • Check each host's actual exposure: whether DCCP is built in (CONFIG_IP_DCCP=y), a module (CONFIG_IP_DCCP=m) or absent, and, for the module case, whether dccp is currently loaded (lsmod) or blocked from loading.
  • Apply the kernel updates that contain the fix; the NVD record links to vendor advisories and the upstream Linux patch reference.
  • Where DCCP is not needed, disable loading of the module as an interim mitigation, for example with a modprobe.d line such as "install dccp /bin/true". A plain "blacklist dccp" line only suppresses the module's aliases, which stops autoload from a socket() call but not an explicit modprobe.
  • Prioritize multi-user hosts and systems that allow untrusted local accounts or code execution.
  • Verify whether your Linux distribution has backported the fix rather than relying only on upstream version numbers.
  • Review systems using Debian 8.0 or other affected branches listed in the NVD CPE criteria.
  • Track kernel security advisories from your vendor until all affected branches are confirmed patched.
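
The exposure check and interim mitigation described above, as an added example that is not part of the PatchSiren page or of the Linux kernel project. It is a read-only triage script for a host whose kernel is not yet patched: it reports whether DCCP is built in, a loadable module, loaded, or blocked, and turns that into a verdict. The function names are hypothetical, and the script assumes the standard paths /proc/config.gz, /boot/config-$(uname -r), /proc/modules and /etc/modprobe.d/*.conf.

```shell
#!/bin/sh
# Added example (not from the PatchSiren page or the Linux kernel project):
# CVE-2017-6074 exposure triage for a Linux host. Assumptions (mine): the
# standard paths listed in the lead-in; all function names are hypothetical.

# DCCP build state from a kernel .config stream on stdin: builtin | module | absent
dccp_config_state() {
    awk -F= '
        /^CONFIG_IP_DCCP=/ { found = 1; s = ($2 == "y") ? "builtin" : "module"; print s }
        END { if (!found) print "absent" }'
}

# Load state from a /proc/modules stream on stdin: loaded | unloaded
# (dccp_ipv4 and dccp_ipv6 both depend on the dccp core module, so checking
# "dccp" is enough)
dccp_loaded() {
    if awk '$1 == "dccp" { found = 1 } END { exit found ? 0 : 1 }'; then
        echo loaded
    else
        echo unloaded
    fi
}

# What modprobe.d configuration on stdin does about dccp:
#   blocked     - "install dccp /bin/true" (or /bin/false): defeats autoload and
#                 an explicit modprobe alike
#   blacklisted - only "blacklist dccp": suppresses the module's aliases, so a
#                 socket() call cannot autoload it, but "modprobe dccp" still works
#   allowed     - nothing prevents loading
dccp_modprobe_state() {
    awk '
        /^[[:space:]]*#/ { next }
        $1 == "install" && $2 == "dccp" && ($3 == "/bin/true" || $3 == "/bin/false") { inst = 1 }
        $1 == "blacklist" && $2 == "dccp" { bl = 1 }
        END { v = inst ? "blocked" : (bl ? "blacklisted" : "allowed"); print v }'
}

# Combine the three signals into a verdict for a host whose kernel is still unpatched.
# $1 = config state, $2 = load state, $3 = modprobe state
dccp_exposure() {
    case "$1" in
        absent)  echo "not exposed: kernel has no DCCP support" ;;
        builtin) echo "exposed: DCCP is built in and cannot be disabled via modprobe" ;;
        module)
            if [ "$2" = loaded ]; then
                echo "exposed: dccp module is loaded"
            elif [ "$3" = blocked ]; then
                echo "mitigated: dccp module cannot be loaded"
            elif [ "$3" = blacklisted ]; then
                echo "partially mitigated: autoload blocked, explicit modprobe still possible"
            else
                echo "exposed: an unprivileged socket(AF_INET6, SOCK_DCCP, 0) can autoload dccp"
            fi ;;
        *)       echo "unknown: could not read the kernel configuration" ;;
    esac
}

# Run the checks against the live host. Every input is guarded, so on a minimal
# system the result degrades to "unknown" instead of an error.
assess_host() {
    if [ -r /proc/config.gz ] && command -v zcat >/dev/null 2>&1; then
        cfg=$(zcat /proc/config.gz 2>/dev/null | dccp_config_state)
    elif [ -r "/boot/config-$(uname -r)" ]; then
        cfg=$(dccp_config_state < "/boot/config-$(uname -r)")
    else
        cfg=unknown
    fi
    if [ -r /proc/modules ]; then
        loaded=$(dccp_loaded < /proc/modules)
    else
        loaded=unknown
    fi
    mp=$(cat /etc/modprobe.d/*.conf 2>/dev/null | dccp_modprobe_state)
    echo "kernel: $(uname -r)  dccp: $cfg/$loaded/modprobe-$mp"
    dccp_exposure "$cfg" "$loaded" "$mp"
}

assess_host
```

Run it as root on each candidate host (the kernel config is often readable only that way) and feed the verdict into the prioritisation list: "exposed" hosts that also allow untrusted local accounts go first; "mitigated" hosts still need the kernel update, because the modprobe rule is a stopgap that a privileged operator or a rebuilt initramfs can undo.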

Evidence notes

This debrief is based on the NVD CVE record and the CVE.org record for CVE-2017-6074. The supplied record states the flaw is a double free in Linux kernel DCCP receive-state handling and maps it to CWE-415. The NVD metadata also includes affected CPE ranges, Debian Linux 8.0, and multiple vendor advisories, which supports the remediation guidance. Timing context uses the CVE published date of 2017-02-18 and the later record modification date of 2026-05-13 only as metadata context.

Official resources

CVE published 2017-02-18; NVD record modified 2026-05-13. This debrief uses the published vulnerability record and its later metadata updates for context only.