CVE-2017-7273

Опубликовано: 27 мар. 2017

Источник: redhat

CVSS3: 4.6

Описание

The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.

An integer underflow flaw was found in the way the Linux kernel handles crafted Cypress HID (Human Interface Device) reports. An attacker with physical access to the system could use this flaw to crash the system and cause a denial of service (DoS).

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Will not fix
Red Hat Enterprise Linux 7	kernel	Affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise MRG 2	kernel-rt	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-190

https://bugzilla.redhat.com/show_bug.cgi?id=1437435kernel: HID: integer underflow in cp_report_fixup() (drivers/hid/hid-cypress.c)

4.6 Medium

CVSS3

Связанные уязвимости

CVE-2017-7273

CVSS3: 6.6

ubuntu

больше 8 лет назад

CVE-2017-7273

CVSS3: 6.6

nvd

больше 8 лет назад

CVE-2017-7273

CVSS3: 6.6

debian

больше 8 лет назад

The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux ...

GHSA-v5mm-56c6-4662

CVSS3: 6.6

github

около 3 лет назад

ELSA-2017-3595

oracle-oval

около 8 лет назад

ELSA-2017-3595: Unbreakable Enterprise kernel security update (IMPORTANT)

4.6 Medium

CVSS3