Privilege Escalation Vulnerability in Linux Kernel's sanity_check_ckpt Function

Privilege Escalation Vulnerability in Linux Kernel's sanity_check_ckpt Function

CVE-2017-10663 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.