CVE-2017-7273
Last modified
CVE-2017-7273 is a vulnerability of currently unknown severity. The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.. EPSS estimates a 0.45% chance of exploitation in the next 30 days.
Description
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Linux | Linux Kernel | 4.0 | — |
| Linux | Linux Kernel | 4.0.0 | — |
| Linux | Linux Kernel | 4.0.2 | — |
| Linux | Linux Kernel | 4.0.3 | — |
| Linux | Linux Kernel | 4.0.4 | — |
| Linux | Linux Kernel | 4.0.5 | — |
| Linux | Linux Kernel | 4.0.6 | — |
| Linux | Linux Kernel | 4.0.7 | — |
| Linux | Linux Kernel | 4.0.8 | — |
| Linux | Linux Kernel | 4.0.9 | — |
| Linux | Linux Kernel | 4.1.0 | — |
| Linux | Linux Kernel | 4.1.2 | — |
| Linux | Linux Kernel | 4.1.3 | — |
| Linux | Linux Kernel | 4.1.4 | — |
| Linux | Linux Kernel | 4.1.5 | — |
| Linux | Linux Kernel | 4.1.6 | — |
| Linux | Linux Kernel | 4.1.7 | — |
| Linux | Linux Kernel | 4.1.8 | — |
| Linux | Linux Kernel | 4.1.9 | — |
| Linux | Linux Kernel | 4.1.10 | — |
| Linux | Linux Kernel | 4.1.11 | — |
| Linux | Linux Kernel | 4.1.12 | — |
| Linux | Linux Kernel | 4.1.13 | — |
| Linux | Linux Kernel | 4.1.14 | — |
| Linux | Linux Kernel | 4.1.15 | — |
| Linux | Linux Kernel | 4.1.16 | — |
| Linux | Linux Kernel | 4.1.17 | — |
| Linux | Linux Kernel | 4.1.18 | — |
| Linux | Linux Kernel | 4.1.19 | — |
| Linux | Linux Kernel | 4.1.20 | — |
| Linux | Linux Kernel | 4.1.21 | — |
| Linux | Linux Kernel | 4.1.22 | — |
| Linux | Linux Kernel | 4.1.23 | — |
| Linux | Linux Kernel | 4.1.33 | — |
| Linux | Linux Kernel | 4.2.0 | — |
| Linux | Linux Kernel | 4.2.1 | — |
| Linux | Linux Kernel | 4.2.2 | — |
| Linux | Linux Kernel | 4.2.3 | — |
| Linux | Linux Kernel | 4.2.4 | — |
| Linux | Linux Kernel | 4.2.5 | — |
| Linux | Linux Kernel | 4.2.7 | — |
| Linux | Linux Kernel | 4.2.8 | — |
| Linux | Linux Kernel | 4.3 | Rc7 |
| Linux | Linux Kernel | 4.3.0 | — |
| Linux | Linux Kernel | 4.3.1 | — |
| Linux | Linux Kernel | 4.3.2 | — |
| Linux | Linux Kernel | 4.3.3 | — |
| Linux | Linux Kernel | 4.3.5 | — |
| Linux | Linux Kernel | 4.3.6 | — |
| Linux | Linux Kernel | 4.4 | Rc8 |
Showing 50 of 108 affected configurations. See NVD for the full list.
References
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4Release Notes, Vendor Advisory
- http://www.securityfocus.com/bid/97190Third Party Advisory, VDB Entry
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110Patch, Third Party Advisory
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4Release Notes, Vendor Advisory
- http://www.securityfocus.com/bid/97190Third Party Advisory, VDB Entry
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110Patch, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-7273?
How severe is CVE-2017-7273?
How do I fix CVE-2017-7273?
Are you affected by CVE-2017-7273?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST