How severe is CVE-2021-47203?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-47203?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2021-47203 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such an attempt fails, a local "fail_msg" string is set and a log message output. The job is then added to a completions list for cancellation. Processing of any further jobs from the txq list continues, but since "fail_msg" remains set, jobs are added to the completions list regardless of whether a wqe was passed to the adapter. If successfully added to txcmplq, jobs are added to both lists resulting in list corruption. Fix by clearing the fail_msg string after adding a job to the completions list. This stops the subsequent jobs from being added to the completions list unless they had an appropriate failure.

Related Vulnerabilities

CVE-2012-4900

MEDIUM

CVSS:5.5(Medium)

Corel WordPerfect Office X6 16.0.0.388 has a DoS Vulnerability via untrusted pointer dereference

CWE-7872012

CVE-2015-5158

MEDIUM

CVSS:5.5(Medium)

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance cr...

CWE-7872015

CVE-2016-10246

MEDIUM

CVSS:5.5(Medium)

Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted f...

CWE-7872016

CVE-2016-10247

MEDIUM

CVSS:5.5(Medium)

Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a cra...

CWE-7872016

CVE-2016-4289

MEDIUM

CVSS:5.5(Medium)

A stack based buffer overflow vulnerability exists in the method receiving data from SysTreeView32 control of the GMER 2.1.19357 application. A specially created long path can lead to a buffer overflo...

CWE-7872016

CVE-2016-5310

MEDIUM

CVSS:5.5(Medium)

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec E...

CWE-7872016