An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
CVE-2017-13168
Score 7.8 from GitHub Security Advisory (severity: HIGH) published 2022-05-13. NVD baseline CVSS 7.8; sources differ by 0.0.
- High severity, but no confirmed exploitation yet
A fix is available — apply it.
- CVSS v3
- 7.8
- EG Score
- 7.8(medium)
- EPSS
- 30.9%
- KEV
- Not listed
Published
December 6, 2017
Last Modified
May 13, 2026
References (16)
- security@androidhttps://source.android.com/security/bulletin/pixel/2017-12-01
- security@androidhttps://usn.ubuntu.com/3753-1/
- security@androidhttps://usn.ubuntu.com/3753-2/
- security@androidhttps://usn.ubuntu.com/3820-1/
- security@androidhttps://usn.ubuntu.com/3820-2/
- security@androidhttps://usn.ubuntu.com/3820-3/
- security@androidhttps://usn.ubuntu.com/3822-1/
- security@androidhttps://usn.ubuntu.com/3822-2/
- af854a3a-2127-422b-91ae-364da2661108https://source.android.com/security/bulletin/pixel/2017-12-01
- af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3753-1/
- af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3753-2/
- af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3820-1/
- af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3820-2/
- af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3820-3/
- af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3822-1/
All Vendor Advisories
(7)
Every vendor that published an advisory referencing this CVE — pulled from our cve_vendor_advisories aggregation. Click any row for the vendor's original advisory page.
- UbuntuUSN-3753-1MEDIUM
Linux kernel vulnerabilities
- UbuntuUSN-3753-2MEDIUM
Linux kernel (Xenial HWE) vulnerabilities
- UbuntuUSN-3820-1MEDIUM
Linux kernel vulnerabilities
- UbuntuUSN-3820-2MEDIUM
Linux kernel (HWE) vulnerabilities
- UbuntuUSN-3820-3MEDIUM
Linux kernel (Azure) vulnerabilities
- UbuntuUSN-3822-1MEDIUM
Linux kernel vulnerabilities
- UbuntuUSN-3822-2MEDIUM
Linux kernel (Trusty HWE) vulnerabilities
Frequently asked(5)
What is CVE-2017-13168?
When was CVE-2017-13168 disclosed?
Is CVE-2017-13168 actively exploited?
What is the CVSS score of CVE-2017-13168?
How do I remediate CVE-2017-13168?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2017-13168
Is Your Infrastructure Affected by CVE-2017-13168?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.