[Beowulf] Heads up - local root exploit in Linux kernel (CVE-2017-6074)

Christopher Samuel samuel at unimelb.edu.au
Wed Feb 22 18:27:03 PST 2017

Hi all,

Just a heads up that a local root exploit has been announced in the DCCP
stack in the Linux kernel going back quite a way (2005/2006). Having it
compiled as a module (as most kernels do) doesn't help as it will
auto-load when a user tries to call into it.

Original disclosure:


Red Hat info (includes work-around):


Debian info:


the RHEL work around is to disable loading that module with:

echo "install dccp /bin/true" >> /etc/modprobe.d/disable-dccp.conf

but there are also new kernels out.

Good luck folks!
 Christopher Samuel        Senior Systems Administrator
 Melbourne Bioinformatics - The University of Melbourne
 Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545

More information about the Beowulf mailing list