{"id":"CVE-2021-47077","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Add pointer checks in qedf_update_link_speed()\n\nThe following trace was observed:\n\n [   14.042059] Call Trace:\n [   14.042061]  \u003cIRQ\u003e\n [   14.042068]  qedf_link_update+0x144/0x1f0 [qedf]\n [   14.042117]  qed_link_update+0x5c/0x80 [qed]\n [   14.042135]  qed_mcp_handle_link_change+0x2d2/0x410 [qed]\n [   14.042155]  ? qed_set_ptt+0x70/0x80 [qed]\n [   14.042170]  ? qed_set_ptt+0x70/0x80 [qed]\n [   14.042186]  ? qed_rd+0x13/0x40 [qed]\n [   14.042205]  qed_mcp_handle_events+0x437/0x690 [qed]\n [   14.042221]  ? qed_set_ptt+0x70/0x80 [qed]\n [   14.042239]  qed_int_sp_dpc+0x3a6/0x3e0 [qed]\n [   14.042245]  tasklet_action_common.isra.14+0x5a/0x100\n [   14.042250]  __do_softirq+0xe4/0x2f8\n [   14.042253]  irq_exit+0xf7/0x100\n [   14.042255]  do_IRQ+0x7f/0xd0\n [   14.042257]  common_interrupt+0xf/0xf\n [   14.042259]  \u003c/IRQ\u003e\n\nAPI qedf_link_update() is getting called from QED but by that time\nshost_data is not initialised. This results in a NULL pointer dereference\nwhen we try to dereference shost_data while updating supported_speeds.\n\nAdd a NULL pointer check before dereferencing shost_data.","modified":"2026-03-13T05:18:00.908282Z","published":"2024-03-01T22:15:47.283Z","related":["SUSE-SU-2024:0925-1","SUSE-SU-2024:0975-1","SUSE-SU-2024:0976-1","SUSE-SU-2024:1454-1","SUSE-SU-2024:1465-1","SUSE-SU-2024:1489-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/73578af92a0fae6609b955fcc9113e50e413c80f"},{"type":"FIX","url":"https://git.kernel.org/stable/c/a6362a737572f66051deb7637f3f77ddf7a4402f"},{"type":"FIX","url":"https://git.kernel.org/stable/c/11014efcec378bb0050a6cf08eaf375e3693400a"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.11"},{"fixed":"5.10.40"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.12.7"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc2"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47077.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}