6 matches found
CVE-2021-47476
In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...
CVE-2021-47476
In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...
CVE-2021-47476
In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...
CVE-2021-47476 comedi: ni_usb6501: fix NULL-deref in command paths
In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...
CVE-2021-47475 comedi: vmk80xx: fix transfer-buffer overflows
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix transfer-buffer overflows The driver uses endpoint-sized USB transfer buffers but up until recently had no sanity checks on the sizes. Commit e1f13c879a7c "staging: comedi: check validity of wMaxPacketSize of...
CVE-2021-47475
CVE-2021-47475 is a Linux kernel vulnerability in the comedi vmk80xx USB driver. The issue arises from transfer-buffer size checks: buffers were endpoint-sized and lacked validation, enabling overflows when a malicious device with larger max-packet sizes or unexpected accesses could write past th...