CVE-2021-47475

7.8 HIGH

📋 TL;DR

This CVE describes a buffer overflow vulnerability in the Linux kernel's vmk80xx comedi driver for USB data acquisition devices. Attackers could exploit this by connecting malicious USB devices or through descriptor fuzzing to cause kernel crashes or potentially execute arbitrary code. Systems using the affected comedi driver with vmk80xx hardware are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with comedi vmk80xx driver
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when the comedi driver is loaded and vmk80xx hardware is used. Most systems don't load this driver by default unless specific hardware is present.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel panic leading to system crash or potential arbitrary code execution with kernel privileges, resulting in complete system compromise.

🟠 Likely Case

System instability, kernel crashes, or denial of service when connecting malicious USB devices to vulnerable systems.

🟢 If Mitigated

Minimal impact if proper USB device restrictions are in place and untrusted USB devices cannot be connected.

🌐 Internet-Facing: LOW - This requires physical or local USB device access, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Requires physical USB access or compromised user with USB device connection privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires physical USB device access or ability to connect USB devices. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in Linux kernel stable releases via commits: 06ac746d57e6d32b062e220415c607b7e2e0fa50, 199acd8c110e3ae62833c24f632b0bb1c9f012a9, 278484ae93297b1bb1ce755f9d3b6d95a48c7d47, 33d7a470730dfe7c9bfc8da84575cf2cedd60d00, 40d2a7e278e2e7c0a5fd7e997e7eb63945bf93f7

Vendor Advisory: https://git.kernel.org/stable/c/06ac746d57e6d32b062e220415c607b7e2e0fa50

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. Check your distribution's security advisories for specific patched kernel versions.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable comedi vmk80xx module

linux

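Prevent the vulnerable driver module from being loaded automatically, and unload it if it is already loaded. A blacklist entry only stops alias-based autoloading (for example on USB hotplug); the module can still be loaded explicitly by name.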

echo 'blacklist vmk80xx' >> /etc/modprobe.d/blacklist-vmk80xx.conf
rmmod vmk80xx

Restrict USB device access

linux

Implement USB device authorization policies

Configure udev rules to restrict USB device access
Use USBGuard or similar tools

🧯 If You Can't Patch

  • Disable or blacklist the vmk80xx comedi kernel module
  • Implement strict USB device connection policies and physical security controls

🔍 How to Verify

Check if Vulnerable:

Check whether the vmk80xx module is loaded:

lsmod | grep vmk80xx

Then check the kernel version against the patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits. Check that vmk80xx module is either not loaded or updated.
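
The module checks from the workaround and verification steps above can be combined into one function. This is an added example, not part of the advisory; the function name `vmk80xx_exposure` and its four result labels are assumptions made for illustration. It reads files rather than calling `lsmod`, so it also works on copies collected from other hosts.

```shell
#!/bin/sh
# Added example: classify a host's exposure to the vmk80xx driver.
#
# vmk80xx_exposure MODULES_FILE MODPROBE_DIR...
#   MODULES_FILE  /proc/modules or a saved copy of it
#   MODPROBE_DIR  one or more modprobe.d-style directories
# Prints one of: loaded | blocked | autoload-blocked | loadable
vmk80xx_exposure() {
    modules_file=$1; shift
    # In /proc/modules the first field of each line is the module name.
    if awk '$1 == "vmk80xx" { f = 1 } END { exit !f }' "$modules_file"; then
        echo loaded; return 0
    fi
    state=loadable
    for dir in "$@"; do
        for conf in "$dir"/*.conf; do
            [ -f "$conf" ] || continue
            # "install vmk80xx /bin/false" also blocks an explicit modprobe.
            if awk '$1 == "install" && $2 == "vmk80xx" && $3 ~ /\/(false|true)$/ { f = 1 }
                    END { exit !f }' "$conf"; then
                echo blocked; return 0
            fi
            # "blacklist" only stops alias-based autoloading (USB hotplug).
            if awk '$1 == "blacklist" && $2 == "vmk80xx" { f = 1 }
                    END { exit !f }' "$conf"; then
                state=autoload-blocked
            fi
        done
    done
    echo "$state"
}

# Live-host check against the standard modprobe.d locations.
if [ -r /proc/modules ]; then
    vmk80xx_exposure /proc/modules /etc/modprobe.d /usr/lib/modprobe.d /run/modprobe.d
fi
```

A result of `loaded` or `loadable` on an unpatched kernel means the workaround has not been applied; `autoload-blocked` corresponds to the blacklist line shown in the workaround.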

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • System crashes related to USB or comedi
  • Unexpected USB device connection logs

Network Indicators:

  • Not applicable - local USB exploit

SIEM Query:

Search for: 'kernel: vmk80xx' OR 'kernel: comedi' in crash logs OR 'USB device' connection anomalies
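
The log indicators above can be triaged with a small filter that reports a crash only when its trace names vmk80xx or comedi code. This is an added example, not part of the advisory; the function names and the 40-line trace window are assumptions, and the sample log is constructed.

```shell
#!/bin/sh
# Added example: flag kernel crashes whose trace names the vmk80xx or comedi
# code and report the last USB connect seen before the crash. A driver banner
# alone, or a module merely listed under "Modules linked in:", is not a hit.
triage_vmk80xx() {   # usage: triage_vmk80xx LOGFILE ; exit status 0 if any hit
    awk '
    /New USB device found/ { last_usb = $0 }
    /Oops:|BUG:|general protection fault|Kernel panic/ { crash = $0; window = 40 }
    window > 0 {
        if ($0 !~ /Modules linked in:/ && $0 ~ /vmk80xx|comedi/) {
            print "crash:    " crash
            print "frame:    " $0
            print "last-usb: " (last_usb != "" ? last_usb : "none seen")
            window = 0; hits++
        } else window--
    }
    END { exit (hits > 0 ? 0 : 1) }' "$1"
}

# Constructed sample log: timestamps, symbols, addresses and IDs are made up.
sample_log() {
    cat <<'EOF'
[  10.100000] comedi: version 0.0.0 (constructed banner line)
[  50.200000] usb 1-2: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  50.300000] BUG: KASAN: slab-out-of-bounds in vmk80xx_placeholder_fn+0x0/0x0 [vmk80xx]
[  90.000000] BUG: unable to handle page fault for address: 0000000000000000
[  90.000100] Modules linked in: vmk80xx comedi usbhid
[  90.000200] RIP: 0010:unrelated_placeholder_fn+0x0/0x0
EOF
}

# Run against the constructed sample ("-" makes awk read standard input).
sample_log | triage_vmk80xx -
```

On the sample, only the first crash is reported; the second is ignored because the driver appears solely in its module list.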
