The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report. (CVE-2017-7273)
Impact
This vulnerability allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have an unspecified other impact through a crafted HID report.
CVSS v3.0 Base Score 4.6 (Availability impacts)
CVSS3 Base Score 4.6 Medium
CVSS3 Base Metrics CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H