CVE-2021-47477
comedi: dt9812: fix DMA buffers on stack
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
comedi: dt9812: fix DMA buffers on stack
USB transfer buffers are typically mapped for DMA and must not be
allocated on the stack or transfers will fail.
Allocate proper transfer buffers in the various command helpers and
return an error on short transfers instead of acting on random stack
data.
Note that this also fixes a stack info leak on systems where DMA is not
used as 32 bytes are always sent to the device regardless of how short
the command is.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: comedi: dt9812: corrige los búferes DMA en la pila Los búferes de transferencia USB generalmente están asignados para DMA y no deben asignarse en la pila o las transferencias fallarán. Asigne búferes de transferencia adecuados en los distintos asistentes de comando y devuelva un error en transferencias cortas en lugar de actuar sobre datos de pila aleatorios. Tenga en cuenta que esto también soluciona una fuga de información de la pila en sistemas donde no se usa DMA, ya que siempre se envían 32 bytes al dispositivo, independientemente de cuán corto sea el comando.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-22 CVE Reserved
- 2024-05-22 CVE Published
- 2024-05-23 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/63274cd7d38a3322d90b66a5bc976de1fb899051 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 4.4.292 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 4.4.292" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 4.9.290 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 4.9.290" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 4.14.255 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 4.14.255" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 4.19.217 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 4.19.217" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 5.4.159 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 5.4.159" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 5.10.79 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 5.10.79" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 5.14.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 5.14.18" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 5.15.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 5.15.2" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.29 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.29 < 5.16" | en |
Affected
| ||||||