vulnerability

Debian: CVE-2021-47477: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	05/22/2024	07/30/2024	02/18/2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

05/22/2024

Added

07/30/2024

Modified

02/18/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

comedi: dt9812: fix DMA buffers on stack

USB transfer buffers are typically mapped for DMA and must not be
allocated on the stack or transfers will fail.

Allocate proper transfer buffers in the various command helpers and
return an error on short transfers instead of acting on random stack
data.

Note that this also fixes a stack info leak on systems where DMA is not
used as 32 bytes are always sent to the device regardless of how short
the command is.

Solution

debian-upgrade-linux

References

CVE-2021-47477
https://attackerkb.com/topics/CVE-2021-47477

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today