CVE-2017-10663

🗓️ 19 Aug 2017 18:00:00Reported by mitreType

The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, allowing local users to gain privileges via unspecified vectors

Reporter	Title	Published	Views	Family All 72
Cloud Foundry	USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities \| Cloud Foundry	21 Sep 201700:00	–	cloudfoundry
CNVD	Linux kernel elevation of privilege vulnerability (CNVD-2017-24353)	21 Aug 201700:00	–	cnvd
Cvelist	CVE-2017-10663	19 Aug 201718:00	–	cvelist
Debian CVE	CVE-2017-10663	19 Aug 201718:00	–	debiancve
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1523)	14 May 201900:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3420-1)	19 Sep 201700:00	–	nessus
Tenable Nessus	Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3420-2)	19 Sep 201700:00	–	nessus
Tenable Nessus	Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3468-1)	1 Nov 201700:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3468-2)	1 Nov 201700:00	–	nessus
Tenable Nessus	Ubuntu 16.04 LTS : Linux kernel (GCP) vulnerabilities (USN-3468-3)	1 Nov 201700:00	–	nessus

NVD

Node

linux linux_kernelRange3.8–3.18.64

linux linux_kernelRange3.19–4.1.44

linux linux_kernelRange4.2–4.4.81

linux linux_kernelRange4.5–4.9.42

linux linux_kernelRange4.10–4.12.4

Source	Link
github	www.github.com/torvalds/linux/commit/15d3042a937c13f5d9244241c7a9c8416ff6e82a
securityfocus	www.securityfocus.com/bid/100215
source	www.source.android.com/security/bulletin/2017-08-01
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
git	www.git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/
kernel	www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4

13 May 2026 00:24Current

7.2High risk

Vulners AI Score7.2

CVSS 27.2

CVSS 3.17.8

EPSS0.00046

CWE-129