CVE-2021-47477
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
In the Linux kernel, the following vulnerability has been resolved:
comedi: dt9812: fix DMA buffers on stack
USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail.
Allocate proper transfer buffers in the various command helpers and return an error on short transfers instead of acting on random stack data.
Note that this also fixes a stack info leak on systems where DMA is not used as 32 bytes are always sent to the device regardless of how short the command is.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < a6af69768d5cb4b2528946d53be5fa19ade37723 | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 365a346cda82f51d835c49136a00a9df8a78c7f2 | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 8a52bc480992c7c9da3ebfea456af731f50a4b97 | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 39ea61037ae78f14fa121228dd962ea3280eacf3 | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 3efb7af8ac437085b6c776e5b54830b149d86efe | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 786f5b03450454557ff858a8bead5d7c0cbf78d6 | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 3ac273d154d634e2034508a14db82a95d7ad12ed | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 20cebb8b620dc987e55ddc46801de986e081757e | affected |
| Linux | Linux | 63274cd7d38a3322d90b66a5bc976de1fb899051 < 536de747bc48262225889a533db6650731ab25d3 | affected |
| Linux | Linux | 2.6.29 | affected |
| Linux | Linux | 0 < 2.6.29 | unaffected |
| Linux | Linux | 4.4.292 <= 4.4.* | unaffected |
| Linux | Linux | 4.9.290 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.255 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.217 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.159 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.79 <= 5.10.* | unaffected |
| Linux | Linux | 5.14.18 <= 5.14.* | unaffected |
| Linux | Linux | 5.15.2 <= 5.15.* | unaffected |
| Linux | Linux | 5.16 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723
- https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2
- https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97
- https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3
- https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe
- https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6
- https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed
- https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e
- https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3
References
- https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723
- https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2
- https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97
- https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3
- https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe
- https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6
- https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed
- https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e
- https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.