CVE-2021-47480 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SCSI host instance is released because shost->hostt is required in the release handler. Make sure to put LLD module refcnt after SCSI device is released. Fixes a kernel panic of 'BUG: unable to handle page fault for address' reported by Changhui and Yi.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813
https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b
https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee
https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f
https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428
https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0
https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f
https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836
https://lore.kernel.org/linux-cve-announce/2024052237-CVE-2021-47480-eaa0@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47480
https://www.cve.org/CVERecord?id=CVE-2021-47480

History

Mon, 04 Nov 2024 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 12 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-22T08:19:32.839Z

Updated: 2024-11-04T12:06:44.875Z

Reserved: 2024-05-22T06:20:56.200Z

Link: CVE-2021-47480

Vulnrichment

Updated: 2024-08-04T05:39:59.500Z

NVD

Status : Awaiting Analysis

Published: 2024-05-22T09:15:09.907

Modified: 2024-05-22T12:46:53.887

Link: CVE-2021-47480

Redhat

Severity : Moderate

Publid Date: 2024-05-22T00:00:00Z

Links: CVE-2021-47480 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object