CVE-2021-47477
comedi: dt9812: fix DMA buffers on stack
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
22 may 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
comedi: dt9812: fix DMA buffers on stack
USB transfer buffers are typically mapped for DMA and must not be
allocated on the stack or transfers will fail.
Allocate proper transfer buffers in the various command helpers and
return an error on short transfers instead of acting on random stack
data.
Note that this also fixes a stack info leak on systems where DMA is not
used as 32 bytes are always sent to the device regardless of how short
the command is.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757ehttps://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12edhttps://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efehttps://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723