In the Linux kernel, the following vulnerability has been resolved:
comedi: dt9812: fix DMA buffers on stack
USB transfer buffers are typically mapped for DMA and must not be
allocated on the stack or transfers will fail.
Allocate proper transfer buffers in the various command helpers and
return an error on short transfers instead of acting on random stack
data.
Note that this also fixes a stack info leak on systems where DMA is not
used as 32 bytes are always sent to the device regardless of how short
the command is.
Metrics
Affected Vendors & Products
References
History
Wed, 06 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Mon, 04 Nov 2024 12:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: Linux
Published: 2024-05-22T08:19:30.860Z
Updated: 2024-12-19T07:43:09.858Z
Reserved: 2024-05-22T06:20:56.200Z
Link: CVE-2021-47477

Updated: 2024-08-04T05:39:59.539Z

Status : Awaiting Analysis
Published: 2024-05-22T09:15:09.677
Modified: 2024-11-21T06:36:15.730
Link: CVE-2021-47477
