CVE-2021-47477
📋 TL;DR
This CVE describes a kernel vulnerability in the comedi dt9812 driver, where USB transfer buffers were allocated on the stack instead of in DMA-capable memory. This could allow attackers to cause kernel crashes or potentially leak sensitive kernel stack data. Systems using the comedi subsystem with dt9812 hardware are affected.
💻 Affected Systems
- Linux kernel with comedi dt9812 driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash, or potential information disclosure of kernel stack memory containing sensitive data
Likely Case
System instability, USB communication failures with dt9812 devices, or kernel crashes when using affected hardware
If Mitigated
Minimal impact if proper kernel hardening and access controls prevent unauthorized users from accessing comedi devices
🎯 Exploit Status
Requires local access and ability to interact with comedi devices; not a remote vulnerability
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 20cebb8b620dc987e55ddc46801de986e081757e, 365a346cda82f51d835c49136a00a9df8a78c7f2, 39ea61037ae78f14fa121228dd962ea3280eacf3, 3ac273d154d634e2034508a14db82a95d7ad12ed, 3efb7af8ac437085b6c776e5b54830b149d86efe
Vendor Advisory: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits
2. Reboot system to load new kernel
3. Verify comedi module loads properly
🔧 Temporary Workarounds
Disable comedi dt9812 module
Prevent loading of vulnerable driver module
echo 'blacklist dt9812' >> /etc/modprobe.d/blacklist.conf
rmmod dt9812
Restrict comedi device access
Limit access to comedi devices to trusted users only
chmod 600 /dev/comedi*
chown root:root /dev/comedi*
🧯 If You Can't Patch
- Restrict physical and local access to systems with dt9812 hardware
- Implement strict access controls for users who can interact with comedi devices
🔍 How to Verify
Check if Vulnerable:
Check if dt9812 module is loaded: lsmod | grep dt9812
Check kernel version against patched versions
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits, test dt9812 device functionality
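The workaround above has two separate steps (a blacklist entry and `rmmod`), and each can be missed independently. The following is an added example, not part of the original advisory or the kernel project: a shell check that reports which state a host is in. The function names are hypothetical, and the file paths are parameters that default to the live system's locations.

```shell
#!/bin/sh
# Added example: report dt9812 exposure from module state and modprobe config.
# Paths are parameters so the check can also run against copies of a host's
# files; the defaults are the usual locations on a live Linux system.

# dt9812_loaded [MODULES_FILE] -> exit 0 if the module is in the running kernel
dt9812_loaded() {
    # /proc/modules lines begin with the module name followed by a space
    grep -q '^dt9812 ' "${1:-/proc/modules}" 2>/dev/null
}

# dt9812_blacklisted [CONF_DIR] -> exit 0 if an active blacklist line exists
dt9812_blacklisted() {
    dir="${1:-/etc/modprobe.d}"
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue
        # Anchored so a commented-out "# blacklist dt9812" does not count
        grep -Eq '^[[:space:]]*blacklist[[:space:]]+dt9812[[:space:]]*$' "$f" \
            && return 0
    done
    return 1
}

# dt9812_status [MODULES_FILE] [CONF_DIR] -> prints one of:
#   loaded       driver is in the running kernel (rmmod still needed)
#   blacklisted  not loaded, and autoload on device plug-in is blocked
#   loadable     not loaded, but nothing stops autoload on device plug-in
dt9812_status() {
    if dt9812_loaded "$1"; then
        echo loaded
    elif dt9812_blacklisted "$2"; then
        echo blacklisted
    else
        echo loadable
    fi
}

# Report the state of the host this script runs on
dt9812_status "$@"
```

A result of `loaded` on a host that already has the blacklist entry means the running kernel still holds the driver until `rmmod dt9812` or a reboot.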
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- USB transfer failures in kernel logs
- Comedi driver errors
Network Indicators:
- None - local vulnerability only
SIEM Query:
kernel: ("dt9812" OR "comedi") AND ("DMA" OR "stack" OR "buffer")
🔗 References
- https://git.kernel.org/stable/c/20cebb8b620dc987e55ddc46801de986e081757e
- https://git.kernel.org/stable/c/365a346cda82f51d835c49136a00a9df8a78c7f2
- https://git.kernel.org/stable/c/39ea61037ae78f14fa121228dd962ea3280eacf3
- https://git.kernel.org/stable/c/3ac273d154d634e2034508a14db82a95d7ad12ed
- https://git.kernel.org/stable/c/3efb7af8ac437085b6c776e5b54830b149d86efe
- https://git.kernel.org/stable/c/536de747bc48262225889a533db6650731ab25d3
- https://git.kernel.org/stable/c/786f5b03450454557ff858a8bead5d7c0cbf78d6
- https://git.kernel.org/stable/c/8a52bc480992c7c9da3ebfea456af731f50a4b97
- https://git.kernel.org/stable/c/a6af69768d5cb4b2528946d53be5fa19ade37723