Vulnerability Description
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 4.0 |
References
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71PatchThird Party Advisory
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4Release NotesVendor Advisory
- http://www.securityfocus.com/bid/97190Third Party AdvisoryVDB Entry
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d11PatchThird Party Advisory
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71PatchThird Party Advisory
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4Release NotesVendor Advisory
- http://www.securityfocus.com/bid/97190Third Party AdvisoryVDB Entry
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d11PatchThird Party Advisory
FAQ
What is CVE-2017-7273?
CVE-2017-7273 is a vulnerability with a CVSS score of 6.6 (MEDIUM). The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibl...
How severe is CVE-2017-7273?
CVE-2017-7273 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-7273?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.