CVE - CVE-2021-47477

CVE-ID
CVE-2021-47477	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Allocate proper transfer buffers in the various command helpers and return an error on short transfers instead of acting on random stack data. Note that this also fixes a stack info leak on systems where DMA is not used as 32 bytes are always sent to the device regardless of how short the command is.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e URL:https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e MISC:https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2 URL:https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2 MISC:https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3 URL:https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3 MISC:https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed URL:https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed MISC:https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe URL:https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe MISC:https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3 URL:https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3 MISC:https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6 URL:https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6 MISC:https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97 URL:https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97 MISC:https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723 URL:https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723
Assigning CNA
kernel.org
Date Record Created
20240522	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240522)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.