Home

CVE-2017-10663

Description

The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.046

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-3406-1) linux-image-generic_3.13.0.135.144_i386.debLinux
Linux kernel (USN-3406-1) linux-image-lowlatency_3.13.0.135.144_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3443-2) linux-image-generic-hwe-16.04_4.10.0.38.40_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3443-2) linux-image-generic-hwe-16.04_4.10.0.38.40_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3443-2) linux-image-lowlatency-hwe-16.04_4.10.0.38.40_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3443-2) linux-image-lowlatency-hwe-16.04_4.10.0.38.40_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3468-2) linux-image-4.10.0-38-generic_4.10.0-38.42~16.04.1_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3468-2) linux-image-4.10.0-38-generic_4.10.0-38.42~16.04.1_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-3468-2) linux-image-4.10.0-38-lowlatency_4.10.0-38.42~16.04.1_i386.debLinux
Linux hardware enablement (HWE) kernel (USN-3468-2) linux-image-4.10.0-38-lowlatency_4.10.0-38.42~16.04.1_amd64.debLinux
Linux kernel for Google Cloud Platform (GCP) systems (USN-3468-3) linux-image-4.10.0-1008-gcp_4.10.0-1008.8_amd64.debLinux
Linux kernel (USN-3470-1) linux-image-generic_3.13.0.135.144_i386.debLinux
Linux kernel (USN-3470-1) linux-image-generic_3.13.0.135.144_amd64.debLinux
Linux kernel (USN-3470-1) linux-image-lowlatency_3.13.0.135.144_i386.debLinux
Linux kernel (USN-3470-1) linux-image-lowlatency_3.13.0.135.144_amd64.debLinux
Linux kernel (USN-3470-1) linux-image-3.13.0-135-generic_3.13.0-135.184_i386.debLinux
Linux kernel (USN-3470-1) linux-image-3.13.0-135-generic_3.13.0-135.184_amd64.debLinux
Linux kernel (USN-3470-1) linux-image-3.13.0-135-lowlatency_3.13.0-135.184_i386.debLinux
Linux kernel (USN-3470-1) linux-image-3.13.0-135-lowlatency_3.13.0-135.184_amd64.debLinux
Linux kernel (USN-3468-1) linux-image-4.10.0-38-generic_4.10.0-38.42_i386.debLinux
Linux kernel (USN-3468-1) linux-image-4.10.0-38-generic_4.10.0-38.42_amd64.debLinux
Linux kernel (USN-3468-1) linux-image-4.10.0-38-lowlatency_4.10.0-38.42_i386.debLinux
Linux kernel (USN-3468-1) linux-image-4.10.0-38-lowlatency_4.10.0-38.42_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234