High severity7.0NVD Advisory· Published Aug 19, 2017· Updated May 13, 2026

CVE-2017-10661

Description

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Race condition in Linux kernel's timerfd subsystem before 4.10.15 allows local privilege escalation or DoS via simultaneous file-descriptor operations.

Vulnerability

A race condition exists in the fs/timerfd.c file of the Linux kernel before version 4.10.15. The flaw arises from improper handling of might_cancel queueing, which can be triggered by simultaneous file-descriptor operations on the same timerfd object. This issue affects all systems running the affected kernel versions.

Exploitation

An attacker with local access and the ability to execute code can exploit this vulnerability by racing multiple file-descriptor operations (e.g., close(), read(), write()) on a shared timerfd. The race window allows for list corruption or a use-after-free condition, potentially leading to arbitrary code execution.

Impact

Successful exploitation can result in privilege escalation, allowing an attacker to gain root privileges, or cause a denial of service through system crash or kernel memory corruption. The compromise occurs at the kernel level, giving the attacker full control over the system.

Mitigation

The vulnerability is fixed in Linux kernel version 4.10.15 and later. Red Hat has released updates via various errata (e.g., RHSA-2018:3083 [1]). Users should apply the latest kernel updates from their distribution vendor to mitigate the risk.

References

https://access.redhat.com/errata/RHSA-2018:3083

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

102

osv-coords102 versions
pkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-bigsmp&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%206 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4 pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012 pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4 pkg:rpm/suse/kernel-rt_trace&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%206 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%206 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4 pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kernel-xen&distro=SUSE%20OpenStack%20Cloud%206 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_10&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_10&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_11&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_11&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_12&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_12&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_13&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_13&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_14&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_14&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_15&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_15&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_16&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_16&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_17&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_17&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_18&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_18&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_19&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_19&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_20&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_20&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_21&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_21&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_22&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_22&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_22&distro=SUSE%20OpenStack%20Cloud%206 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012 pkg:rpm/suse/kgraft-patch-SLE12_Update_17&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_18&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_19&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_20&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_21&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_22&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_23&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_24&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_25&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_26&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/kgraft-patch-SLE12_Update_28&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS
< 3.0.101-108.18.1+ 101 more
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.61-52.101.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.0.101-108.18.3
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101.rt130-69.8.1
- (no CPE)range: < 3.0.101.rt130-69.8.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.61-52.101.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.0.101.rt130-69.8.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.61-52.101.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.0.101.rt130-69.8.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-0.47.106.5.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.61-52.101.1
- (no CPE)range: < 3.0.101-108.18.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 3.12.74-60.64.63.1
- (no CPE)range: < 12-2.1
- (no CPE)range: < 12-2.1
- (no CPE)range: < 11-2.1
- (no CPE)range: < 11-2.1
- (no CPE)range: < 10-2.1
- (no CPE)range: < 10-2.1
- (no CPE)range: < 9-2.1
- (no CPE)range: < 9-2.1
- (no CPE)range: < 8-2.1
- (no CPE)range: < 8-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 6-2.1
- (no CPE)range: < 6-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 4-2.1
- (no CPE)range: < 4-2.1
- (no CPE)range: < 1-2.1
- (no CPE)range: < 1-2.1
- (no CPE)range: < 1-2.1
- (no CPE)range: < 11-2.1
- (no CPE)range: < 11-2.1
- (no CPE)range: < 11-2.1
- (no CPE)range: < 9-2.1
- (no CPE)range: < 8-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 6-2.1
- (no CPE)range: < 11-2.1
- (no CPE)range: < 11-2.1
- (no CPE)range: < 10-2.1
- (no CPE)range: < 8-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 7-2.1
- (no CPE)range: < 6-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 5-2.1
- (no CPE)range: < 4-2.1
- (no CPE)range: < 1-8.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdIssue TrackingPatchThird Party Advisory
github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6nvdIssue TrackingPatchThird Party Advisory
source.android.com/security/bulletin/2017-08-01nvdPatchVendor Advisory
www.debian.org/security/2017/dsa-3981nvdMailing ListThird Party Advisory
www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15nvdRelease NotesVendor Advisory
www.securityfocus.com/bid/100215nvdThird Party AdvisoryVDB Entry
access.redhat.com/errata/RHSA-2018:3083nvdThird Party Advisory
access.redhat.com/errata/RHSA-2018:3096nvdThird Party Advisory
access.redhat.com/errata/RHSA-2019:4057nvdThird Party Advisory
access.redhat.com/errata/RHSA-2019:4058nvdThird Party Advisory
access.redhat.com/errata/RHSA-2020:0036nvdThird Party Advisory
www.exploit-db.com/exploits/43345/nvdThird Party AdvisoryVDB Entry
bugzilla.redhat.com/show_bug.cginvdIssue Tracking

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.021
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000