CVE-2021-47193

MEDIUM

Linux Kernel < 5.15.5 - Use-After-Free in SCSI PM80xx Driver

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix memory leak during rmmod Driver failed to release all memory allocated. This would lead to memory leak during driver removal. Properly free memory when the module is removed.

References (4)

Core 4

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Patch

https://git.kernel.org/stable/c/0c4398f2ee030d5753f6b0ad83f0ed9077851d9a

Patch

https://git.kernel.org/stable/c/269a4311b15f68d24e816f43f123888f241ed13d

Patch

https://git.kernel.org/stable/c/51e6ed83bb4ade7c360551fa4ae55c4eacea354b

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 12.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (9)

Linux/Linux < 5.10

Linux/Linux 5.10

Linux/Linux 5.10.241 - 5.10.*

Linux/Linux 5.15.5 - 5.15.*

Linux/Linux 5.16

Linux/Linux 5a141315ed7c2647fa4518570c4941a02588b466 - 0c4398f2ee030d5753f6b0ad83f0ed9077851d9a

Linux/Linux 5a141315ed7c2647fa4518570c4941a02588b466 - 269a4311b15f68d24e816f43f123888f241ed13d

Linux/Linux 5a141315ed7c2647fa4518570c4941a02588b466 - 51e6ed83bb4ade7c360551fa4ae55c4eacea354b

linux/linux_kernel < 5.15.5

Published Apr 10, 2024

Tracked Since Feb 18, 2026