cve-2021-47480
Vulnerability from cvelistv5
Published
2024-05-22 08:19
Modified
2024-12-19 07:43
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SCSI host instance is released because shost->hostt is required in the release handler. Make sure to put LLD module refcnt after SCSI device is released. Fixes a kernel panic of 'BUG: unable to handle page fault for address' reported by Changhui and Yi.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836
Impacted products
Vendor Product Version
Linux Linux
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.500Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47480",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:36:02.036772Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:32:53.299Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/scsi.c",
            "drivers/scsi/scsi_sysfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1105573d964f7b78734348466b01f5f6ba8a1813",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "8e4814a461787e15a31d322d9efbe0d4f6822428",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "61a0faa89f21861d1f8d059123b5c285a5d9ffee",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "c2df161f69fb1c67f63adbd193368b47f511edc0",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "1ce287eff9f23181d5644db787f472463a61f68b",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "7b57c38d12aed1b5d92f74748bed25e0d041729f",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "f30822c0b4c35ec86187ab055263943dc71a6836",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "f2b85040acec9a928b4eb1b57a989324e8e38d3f",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/scsi/scsi.c",
            "drivers/scsi/scsi_sysfs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.292",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.255",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.216",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.158",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.78",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.17",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Put LLD module refcnt after SCSI device is released\n\nSCSI host release is triggered when SCSI device is freed. We have to make\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\nhost instance is released because shost-\u003ehostt is required in the release\nhandler.\n\nMake sure to put LLD module refcnt after SCSI device is released.\n\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\nreported by Changhui and Yi."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T07:43:13.303Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813"
        },
        {
          "url": "https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428"
        },
        {
          "url": "https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0"
        },
        {
          "url": "https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f"
        },
        {
          "url": "https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836"
        },
        {
          "url": "https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f"
        }
      ],
      "title": "scsi: core: Put LLD module refcnt after SCSI device is released",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47480",
    "datePublished": "2024-05-22T08:19:32.839Z",
    "dateReserved": "2024-05-22T06:20:56.200Z",
    "dateUpdated": "2024-12-19T07:43:13.303Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-47480\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-22T09:15:09.907\",\"lastModified\":\"2024-11-21T06:36:16.500\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: core: Put LLD module refcnt after SCSI device is released\\n\\nSCSI host release is triggered when SCSI device is freed. We have to make\\nsure that the low-level device driver module won\u0027t be unloaded before SCSI\\nhost instance is released because shost-\u003ehostt is required in the release\\nhandler.\\n\\nMake sure to put LLD module refcnt after SCSI device is released.\\n\\nFixes a kernel panic of \u0027BUG: unable to handle page fault for address\u0027\\nreported by Changhui and Yi.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: core: colocar el m\u00f3dulo LLD refcnt despu\u00e9s de liberar el dispositivo SCSI. La liberaci\u00f3n del host SCSI se activa cuando se libera el dispositivo SCSI. Tenemos que asegurarnos de que el m\u00f3dulo del controlador de dispositivo de bajo nivel no se descargue antes de que se lance la instancia del host SCSI porque se requiere shost-\u0026gt;hostt en el controlador de lanzamiento. Aseg\u00farese de poner el m\u00f3dulo LLD refcnt despu\u00e9s de lanzar el dispositivo SCSI. Corrige un problema de p\u00e1nico del kernel de \u0027ERROR: no se puede manejar el error de p\u00e1gina para la direcci\u00f3n\u0027 informado por Changhui y Yi.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.