CVE-2017-7273

The cpreportfixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1ebb71143758f45dc0fa76e2f48429e13b16d110

Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4faec4a2ef5dd481682cc155cb9ea14ba2534b76

Introduced

39a8804455fb23f09157341d3ba7db6d7ae6ee76

Fixed

1ebb71143758f45dc0fa76e2f48429e13b16d110

Affected versions

v4.*

v4.0

v4.1

v4.1-rc1

v4.1-rc2

v4.1-rc3

v4.1-rc4

v4.1-rc5

v4.1-rc6

v4.1-rc7

v4.1-rc8

v4.2

v4.2-rc1

v4.2-rc2

v4.2-rc3

v4.2-rc4

v4.2-rc5

v4.2-rc6

v4.2-rc7

v4.2-rc8

v4.3

v4.3-rc1

v4.3-rc2

v4.3-rc3

v4.3-rc4

v4.3-rc5

v4.3-rc6

v4.3-rc7

v4.4

v4.4-rc1

v4.4-rc2

v4.4-rc3

v4.4-rc4

v4.4-rc5

v4.4-rc6

v4.4-rc7

v4.4-rc8

v4.5

v4.5-rc1

v4.5-rc2

v4.5-rc3

v4.5-rc4

v4.5-rc5

v4.5-rc6

v4.5-rc7

v4.6

v4.6-rc1

v4.6-rc2

v4.6-rc3

v4.6-rc4

v4.6-rc5

v4.6-rc6

v4.6-rc7

v4.7

v4.7-rc1

v4.7-rc2

v4.7-rc3

v4.7-rc4

v4.7-rc5

v4.7-rc6

v4.7-rc7

v4.8

v4.8-rc1

v4.8-rc2

v4.8-rc3

v4.8-rc4

v4.8-rc5

v4.8-rc6

v4.8-rc7

v4.8-rc8

v4.9

v4.9-rc1

v4.9-rc2

v4.9-rc3

v4.9-rc4

v4.9-rc5

v4.9-rc6

v4.9-rc7

v4.9-rc8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-7273.json"

vanir_signatures

[
    {
        "digest": {
            "function_hash": "264130460966046257119023771231120225643",
            "length": 452.0
        },
        "signature_version": "v1",
        "target": {
            "file": "drivers/hid/hid-cypress.c",
            "function": "cp_report_fixup"
        },
        "signature_type": "Function",
        "id": "CVE-2017-7273-2f7dad8a",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@1ebb71143758f45dc0fa76e2f48429e13b16d110",
        "deprecated": false
    },
    {
        "digest": {
            "line_hashes": [
                "101293745501277235009824401488431239368",
                "190152340023171821476168766602689246917",
                "123023230620235408918677902916223049911"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "target": {
            "file": "drivers/hid/hid-cypress.c"
        },
        "signature_type": "Line",
        "id": "CVE-2017-7273-79eeb304",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@1ebb71143758f45dc0fa76e2f48429e13b16d110",
        "deprecated": false
    },
    {
        "digest": {
            "function_hash": "8351391750257113041702087385935017378",
            "length": 503.0
        },
        "signature_version": "v1",
        "target": {
            "file": "drivers/hid/hid-cypress.c",
            "function": "cp_report_fixup"
        },
        "signature_type": "Function",
        "id": "CVE-2017-7273-7dff336a",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@4faec4a2ef5dd481682cc155cb9ea14ba2534b76",
        "deprecated": false
    },
    {
        "digest": {
            "line_hashes": [
                "101293745501277235009824401488431239368",
                "190152340023171821476168766602689246917",
                "185386732124278267169179062726680574942"
            ],
            "threshold": 0.9
        },
        "signature_version": "v1",
        "target": {
            "file": "drivers/hid/hid-cypress.c"
        },
        "signature_type": "Line",
        "id": "CVE-2017-7273-fabb4ffb",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@4faec4a2ef5dd481682cc155cb9ea14ba2534b76",
        "deprecated": false
    }
]