Ubuntu: (CVE-2021-47477): linux vulnerability
Description
In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Allocate proper transfer buffers in the various command helpers and return an error on short transfers instead of acting on random stack data. Note that this also fixes a stack info leak on systems where DMA is not used as 32 bytes are always sent to the device regardless of how short the command is.
Solution(s)
- ubuntu-upgrade-linux
- ubuntu-upgrade-linux-aws
- ubuntu-upgrade-linux-aws-5-4
- ubuntu-upgrade-linux-aws-hwe
- ubuntu-upgrade-linux-azure
- ubuntu-upgrade-linux-azure-4-15
- ubuntu-upgrade-linux-azure-5-4
- ubuntu-upgrade-linux-bluefield
- ubuntu-upgrade-linux-gcp
- ubuntu-upgrade-linux-gcp-4-15
- ubuntu-upgrade-linux-gcp-5-4
- ubuntu-upgrade-linux-gkeop
- ubuntu-upgrade-linux-hwe
- ubuntu-upgrade-linux-hwe-5-4
- ubuntu-upgrade-linux-ibm
- ubuntu-upgrade-linux-ibm-5-4
- ubuntu-upgrade-linux-kvm
- ubuntu-upgrade-linux-oracle
- ubuntu-upgrade-linux-oracle-5-4
- ubuntu-upgrade-linux-raspi
- ubuntu-upgrade-linux-raspi-5-4
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center