CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.0%
In the Linux kernel, the following vulnerability has been resolved: scsi:
lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected
with the following report when unloading the driver: “KASAN: use-after-free
in lpfc_unreg_rpi+0x1b1b” The NLP_REG_LOGIN_SEND nlp_flag is set in
lpfc_reg_fab_ctrl_node(), but the flag is not cleared upon completion of
the login. This allows a second call to lpfc_unreg_rpi() to proceed with
nlp_rpi set to LPFC_RPI_ALLOW_ERROR. This results in a use after free
access when used as an rpi_ids array index. Fix by clearing the
NLP_REG_LOGIN_SEND nlp_flag in lpfc_mbx_cmpl_fc_reg_login().
git.kernel.org/linus/79b20beccea3a3938a8500acef4e6b9d7c66142f (5.16-rc1)
git.kernel.org/stable/c/79b20beccea3a3938a8500acef4e6b9d7c66142f
git.kernel.org/stable/c/dbebf865b3239595c1d4dba063b122862583b52a
launchpad.net/bugs/cve/CVE-2021-47198
nvd.nist.gov/vuln/detail/CVE-2021-47198
security-tracker.debian.org/tracker/CVE-2021-47198
www.cve.org/CVERecord?id=CVE-2021-47198