CVE-2017-8072

Name of the Vulnerable Software and Affected Versions Linux kernel versions 4.9.x through 4.9.8

Description The issue is related to the cp2112 gpio direction input function in the Linux kernel, which does not handle errors correctly for zero-length reports. This could allow local users to have an unspecified impact via unknown vectors. The error handling issue in the function may be exploited by a local attacker to achieve an unspecified outcome.

Recommendations For Linux kernel versions 4.9.x through 4.9.8, update to version 4.9.9 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.