PatchSiren cyber security CVE debrief

CVE-2017-0427 Linux CVE debrief

CVE-2017-0427 describes a local elevation of privilege flaw in the kernel file system path that could let a malicious app execute code in kernel context. The affected scope in the supplied record includes Android up to 7.1.1 and Linux kernel 3.10 and 3.18. The Android bulletin text characterizes the impact as Critical because successful abuse could lead to permanent device compromise and, in some cases, require reflashing the operating system to recover.

Vendor: Linux
Product: CVE-2017-0427
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-08
Original CVE updated: 2026-05-13
Advisory published: 2017-02-08
Advisory updated: 2026-05-13

Who should care

Android platform maintainers, OEM security teams, kernel integrators, and defenders responsible for devices running Linux kernel 3.10 or 3.18 should treat this as a high-priority local privilege-escalation issue. Security teams should also pay attention where untrusted local apps can be installed or where device recovery is costly.

Technical summary

The vulnerability is a kernel file system elevation of privilege issue. NVD lists the attack vector as local, requiring user interaction, with high impacts to confidentiality, integrity, and availability (CVSS 3.0: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The supplied corpus ties the issue to Android and to Linux kernel 3.10 and 3.18. The vendor advisory reference is the Android security bulletin for 2017-02-01, which is the primary remediation pointer in the source set.

Defensive priority

High. This is a local attack, but the impact reaches kernel execution and potentially durable device compromise, so patching and exposure reduction should be prioritized on affected Android and Linux-based devices.

Recommended defensive actions

Apply the Android security bulletin remediation referenced in the official vendor advisory.
Update or replace affected systems running Linux kernel 3.10 or 3.18 with vendor-fixed builds.
Restrict installation and execution of untrusted local applications on exposed devices.
Validate whether deployed Android builds are at or below 7.1.1, as listed by NVD, and prioritize remediation if so.
Use the official NVD and CVE records to confirm affected product scope before planning maintenance windows.

Evidence notes

All statements above are drawn from the supplied CVE record, NVD metadata, and the referenced Android security bulletin link. The record states: a kernel file system elevation of privilege vulnerability; affected versions include Android through 7.1.1 and Linux kernel 3.10/3.18; NVD CVSS vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H with score 7.8; and the Android bulletin reference is the mitigation source in the corpus. The source corpus also notes that the Android bulletin text describes the issue as Critical and mentions the possibility of reflashing the operating system to repair a device.

Official resources

CVE-2017-0427 CVE record
CVE.org
CVE-2017-0427 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Source reference
[email protected]
Mitigation or vendor reference
[email protected] - Patch, Vendor Advisory

CVE published 2017-02-08T15:59:01.317Z and modified 2026-05-13T00:24:29.033Z. The supplied source metadata identifies the Android security bulletin reference as the remediation source and the NVD record as the authoritative vulnerability-dB