- Description
- The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.
- Source
- chrome-cve-admin@google.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.7
- Impact score
- 6.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:N/I:N/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8452407A-5074-4385-B9A1-9E49042CCAEB",
"versionEndIncluding": "3.16.1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CFFCDFC-AE4F-47EE-B1DA-05A6865D1745"
}
],
"operator": "OR"
}
]
}
]