CVE-2021-47045

Published: Feb 28, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb() It is possible to call lpfc_issue_els_plogi() passing a did for which no matching ndlp is found. A call is then made to lpfc_prep_els_iocb() with a null pointer to a lpfc_nodelist structure resulting in a null pointer dereference. Fix by returning an error status if no valid ndlp is found. Fix up comments regarding ndlp reference counting.

Vendor	Product	Versions
Linux	Linux	affected `4430f7fd09ecb037570119e0aacbf0c17b8f98b2 - < a09677de458d500b00701f6036baa423d9995408` affected `4430f7fd09ecb037570119e0aacbf0c17b8f98b2 - < 9bdcfbed2a9fe24d2c7eaa1bad7c705e18de8cc7` affected `4430f7fd09ecb037570119e0aacbf0c17b8f98b2 - < 8dd1c125f7f838abad009b64bff5f0a11afe3cb6`
Linux	Linux	affected `5.11` unaffected `0 - < 5.11` unaffected `5.11.21 - <= 5.11.` unaffected `5.12.4 - <= 5.12.` unaffected `5.13 - <= *`

References

https://git.kernel.org/stable/c/a09677de458d500b00701f6036baa423d9995408

https://git.kernel.org/stable/c/9bdcfbed2a9fe24d2c7eaa1bad7c705e18de8cc7

https://git.kernel.org/stable/c/8dd1c125f7f838abad009b64bff5f0a11afe3cb6

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-47045

Description

Affected Products

References