{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "4.9" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.9.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.9.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.9.3" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.9.4" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.9.5" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.9.6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.9.8" } ] } ] } } ], "details": "drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors.", "id": "CVE-2017-8071", "modified": "2026-03-15T21:44:59.506798414Z", "published": "2017-04-23T05:59:00.597Z", "references": [ { "type": "ADVISORY", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.9" }, { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/97991" }, { "type": "FIX", "url": "https://github.com/torvalds/linux/commit/7a7b5df84b6b4e5d599c7289526eed96541a0654" }, { "type": "FIX", "url": "http://www.openwall.com/lists/oss-security/2017/04/16/4" }, { "type": "FIX", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7a7b5df84b6b4e5d599c7289526eed96541a0654" } ], "severity": [ { "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }