CVE-2021-47477

2024-05-2200:00:00

ubuntu.com

linux kernel

comedi

vulnerability

resolution

usb

dma buffers

AI Score

6.6

Confidence

High

EPSS

Percentile

13.0%

JSON

In the Linux kernel, the following vulnerability has been resolved: comedi:
dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped
for DMA and must not be allocated on the stack or transfers will fail.
Allocate proper transfer buffers in the various command helpers and return
an error on short transfers instead of acting on random stack data. Note
that this also fixes a stack info leak on systems where DMA is not used as
32 bytes are always sent to the device regardless of how short the command
is.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu18.04noarchlinux-aws-5.4< anyUNKNOWN
ubuntu16.04noarchlinux-aws-hwe< anyUNKNOWN
ubuntu20.04noarchlinux-azure< anyUNKNOWN
ubuntu14.04noarchlinux-azure< anyUNKNOWN
ubuntu16.04noarchlinux-azure< anyUNKNOWN
ubuntu18.04noarchlinux-azure-4.15< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< any	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	14.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	16.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	18.04	noarch	linux-azure-4.15	< any	UNKNOWN