CVE-2017-6074 PoC — Linux kernel 安全漏洞

Source

https://github.com/34zY/CVE-2017-6074-DOS

Associated Vulnerability

Title:Linux kernel 安全漏洞 (CVE-2017-6074)
Description:The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.

Description

This repository provides a modified version of the original CVE-2017-6074 exploit (use-after-free in the Linux kernel DCCP subsystem), designed only to demonstrate Denial of Service (DoS) impact. An authenticated local user can trigger a kernel panic, causing a total loss of system availability.

Readme

# CVE-2017-6074 - DoS-Only Exploit (Linux DCCP kernel panic)

This repository provides a modified version of the original CVE-2017-6074 exploit (use-after-free in the Linux kernel DCCP subsystem), designed only to demonstrate **Denial of Service (DoS)** impact.  

An authenticated local user can trigger a **kernel panic**, causing a total loss of system availability.

 - **No privilege escalation** is attempted or achieved.
 - Exploit requires local user access (e.g., via SSH).
 - For security research, PoC demonstration, and controlled testing environments only.

 ## References
 - [CVE-2017-6074](https://nvd.nist.gov/vuln/detail/CVE-2017-6074)
 - [CWE-416: Use After Free](https://cwe.mitre.org/data/definitions/416.html)

 ## Disclaimer
 ⚠️ **Run this code ONLY on authorized test systems. This program will immediately crash the kernel.**  

 _Use it at your personal risks, i'm not responsible for bad usages._

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!