High severity7.8NVD Advisory· Published Apr 23, 2017· Updated May 13, 2026

CVE-2017-8072

Description

The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2017/04/16/4nvdMailing ListPatchThird Party Advisory
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/nvdPatch
github.com/torvalds/linux/commit/8e9faa15469ed7c7467423db4c62aeed3ff4cae3nvdPatch
www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.9nvdRelease NotesVendor Advisory
www.securityfocus.com/bid/98010nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000