CVE-2021-47045

UNKNOWN

Published 2024-02-28T08:13:49.708Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-47045. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()

It is possible to call lpfc_issue_els_plogi() passing a did for which no
matching ndlp is found. A call is then made to lpfc_prep_els_iocb() with a
null pointer to a lpfc_nodelist structure resulting in a null pointer
dereference.

Fix by returning an error status if no valid ndlp is found. Fix up comments
regarding ndlp reference counting.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

4430f7fd09ecb037570119e0aacbf0c17b8f98b2 4430f7fd09ecb037570119e0aacbf0c17b8f98b2 4430f7fd09ecb037570119e0aacbf0c17b8f98b2

Linux

Affected Versions:

5.11 0 5.11.21 5.12.4 5.13

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-7h2p-gcjg-4fw8

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb() It is possible to call lpfc_issue_els_plogi() passing a did for which no matching ndlp is found. A call is then made to lpfc_prep_els_iocb() with a null pointer to a lpfc_nodelist structure resulting in a null pointer dereference. Fix by returning an error status if no valid ndlp is found. Fix up comments regarding ndlp reference counting.

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-47045

WEB https://git.kernel.org/stable/c/8dd1c125f7f838abad009b64bff5f0a11afe3cb6

WEB https://git.kernel.org/stable/c/9bdcfbed2a9fe24d2c7eaa1bad7c705e18de8cc7

WEB https://git.kernel.org/stable/c/a09677de458d500b00701f6036baa423d9995408

Advisory provided by GitHub Security Advisory Database. Published: February 28, 2024, Modified: December 6, 2024

References

https://git.kernel.org/stable/c/a09677de458d500b00701f6036baa423d9995408

https://git.kernel.org/stable/c/9bdcfbed2a9fe24d2c7eaa1bad7c705e18de8cc7

https://git.kernel.org/stable/c/8dd1c125f7f838abad009b64bff5f0a11afe3cb6

Published: 2024-02-28T08:13:49.708Z

Last Modified: 2025-05-04T07:03:00.354Z

Copied to clipboard!

CVE-2021-47045

Expert Analysis

Description

Available Exploits

Related News

Affected Products

Linux

Affected Versions:

Linux

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!