What is CVE-2021-47480?

CVE-2021-47480 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10. CVE-2021-47480 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2021-47480?

CVE-2021-47480 has a CVSS score of 5.5 out of 10, rated Medium severity. The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Is there a patch available for CVE-2021-47480?

No patch is currently available for CVE-2021-47480. Monitor the NIST NVD and your Linux distribution's security advisories for updates.

Is CVE-2021-47480 actively exploited?

CVE-2021-47480 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2021-47480

Medium

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to make sure that the low-level device driver module won't be unloaded before SCSI host instance is released because shost->hostt is required in the release handler. Make sure to put LLD module refcnt after SCSI device is released. Fixes a kernel panic of 'BUG: unable to handle page fault for address' reported by Changhui and Yi.

Package Linux Kernel

Published 2024-05-22

Last modified 2025-09-29

CVSS version 3.1

Patch available

Awaiting data

CVSS 3.1 score

5.5

out of 10

Medium

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

The following references provide additional information about CVE-2021-47480 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/1105573d964f7b78734348466b01f5f6ba8a1813
Patch
Kernel patch commit
https://git.kernel.org/stable/c/1ce287eff9f23181d5644db787f472463a61f68b
Patch
Kernel patch commit
https://git.kernel.org/stable/c/61a0faa89f21861d1f8d059123b5c285a5d9ffee
Patch

8 patch commits total View all on NVD

Details

CVE ID CVE-2021-47480

Severity Medium

CVSS score 5.5 / 10

CVSS version 3.1

Published 2024-05-22

Modified 2025-09-29

KEV No

Patch Awaiting data

Package linux

Frequently asked questions

What is CVE-2021-47480?

CVE-2021-47480 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 . CVE-2021-47480 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
What is the CVSS score for CVE-2021-47480?

CVE-2021-47480 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.
Is there a patch available for CVE-2021-47480?

No patch is currently available for CVE-2021-47480. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
Is CVE-2021-47480 actively exploited?

No — CVE-2021-47480 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.