CVE-2021-47480

scsi: core: Put LLD module refcnt after SCSI device is released

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SCSI host instance is released because shost->hostt is required in the release handler. Make sure to put LLD module refcnt after SCSI device is released. Fixes a kernel panic of 'BUG: unable to handle page fault for address' reported by Changhui and Yi.

N/A
CVSS
Severity:
EPSS 0.11%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813
https://git.kernel.org/stable/c/8e4814a461787e15a31d322d9efbe0d4f6822428
https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee
https://git.kernel.org/stable/c/c2df161f69fb1c67f63adbd193368b47f511edc0
https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b
https://git.kernel.org/stable/c/7b57c38d12aed1b5d92f74748bed25e0d041729f
https://git.kernel.org/stable/c/f30822c0b4c35ec86187ab055263943dc71a6836
https://git.kernel.org/stable/c/f2b85040acec9a928b4eb1b57a989324e8e38d3f

Frequently Asked Questions

What is the severity of CVE-2021-47480?
CVE-2021-47480 has not yet been assigned a CVSS score.
How to fix CVE-2021-47480?
To fix CVE-2021-47480, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47480 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-47480 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47480?
CVE-2021-47480 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.