Published: 23/04/2017 Updated: 27/04/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x prior to 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 4.9.1
linux linux kernel 4.9.3
linux linux kernel 4.9.4
linux linux kernel 4.9.5
linux linux kernel 4.9.6
linux linux kernel 4.9.8
linux linux kernel 4.9
linux linux kernel 4.9.2

The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112c in the Linux kernel 49x before 499 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors ...

CWE-388 https://github.com/torvalds/linux/commit/8e9faa15469ed7c7467423db4c62aeed3ff4cae3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8e9faa15469ed7c7467423db4c62aeed3ff4cae3 http://www.openwall.com/lists/oss-security/2017/04/16/4 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.9 http://www.securityfocus.com/bid/98010 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-8072

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-8072

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect