CVE-2021-47203

scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq()

When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass
the requests to the adapter. If such an attempt fails, a local "fail_msg"
string is set and a log message output. The job is then added to a
completions list for cancellation.

Processing of any further jobs from the txq list continues, but since
"fail_msg" remains set, jobs are added to the completions list regardless
of whether a wqe was passed to the adapter. If successfully added to
txcmplq, jobs are added to both lists resulting in list corruption.

Fix by clearing the fail_msg string after adding a job to the completions
list. This stops the subsequent jobs from being added to the completions
list unless they had an appropriate failure.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-25 CVE Reserved
2024-04-10 CVE Published
2024-04-11 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/ad4776b5eb2e58af1226847fcd3b4f6d051674dd	2021-11-26
https://git.kernel.org/stable/c/ec70d80a8642900086447ba0cdc79e3f44d42e8f	2021-11-26
https://git.kernel.org/stable/c/f05a0191b90156e539cccc189b9d87ca2a4d9305	2021-11-26
https://git.kernel.org/stable/c/b291d147d0268e93ad866f8bc820ea14497abc9b	2021-11-26
https://git.kernel.org/stable/c/16bcbfb56d759c25665f786e33ec633b9508a08f	2021-11-26
https://git.kernel.org/stable/c/c097bd5a59162156d9c2077a2f58732ffbaa9fca	2021-11-26
https://git.kernel.org/stable/c/814d3610c4ce86e8cf285b2cdac0057a42e82de5	2021-11-25
https://git.kernel.org/stable/c/99154581b05c8fb22607afb7c3d66c1bace6aa5d	2021-09-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.4.293 Search vendor "Linux" for product "Linux Kernel" and version " < 4.4.293"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.9.291 Search vendor "Linux" for product "Linux Kernel" and version " < 4.9.291"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.14.256 Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.256"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.218 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.218"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.162 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.162"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.82 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.82"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15.5 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.16 Search vendor "Linux" for product "Linux Kernel" and version " < 5.16"		en		Affected