PT-2021-8169 · Linux+3 · Linux Kernel+3
Mike Christie · Published 2021-11-16 · Updated 2024-11-04
CVE-2021-47192
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is a regression in the Linux kernel's SCSI core, specifically in its sysfs interface. After iSCSI recovery, the iscsid daemon calls into the kernel to set the device's state to running. However, due to a patch, the kernel now calls scsi_rescan_device() with the state mutex held, leading to a deadlock. The SCSI error handler thread tries to grab the state mutex, but it is already held across the call to scsi_rescan_device(), causing the system to hang. To prevent this deadlock, the rescan-related code is moved to after the state mutex is dropped. The fix also adds a check to prevent extra scans when the device is already in the running state.
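The lock ordering described above, as an added user-space C model; it is not kernel code and not part of the original advisory or the kernel patch. All names (`model_dev`, `set_running_locked_rescan`, `set_running_fixed`) are hypothetical, and an `atomic_flag` try-lock stands in for the state mutex so that the stall shows up as a return value instead of a real hang.

```c
/* User-space model of the lock ordering; not kernel code. All names are hypothetical. */
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

enum dev_state { DEV_OFFLINE, DEV_RUNNING };
struct model_dev {
    atomic_flag state_lock;  /* stands in for the device state mutex */
    enum dev_state state;
    int rescans;             /* rescans attempted */
};
static void model_dev_init(struct model_dev *d, enum dev_state s)
{ atomic_flag_clear(&d->state_lock); d->state = s; d->rescans = 0; }
static bool try_lock(struct model_dev *d) { return !atomic_flag_test_and_set(&d->state_lock); }
static void unlock(struct model_dev *d) { atomic_flag_clear(&d->state_lock); }

/* Error handler step: it must take the state lock to finish recovery. */
static bool eh_can_finish(struct model_dev *d)
{
    if (!try_lock(d)) return false;  /* lock held elsewhere: recovery stalls */
    unlock(d);
    return true;
}
/* Rescan I/O completes only once error handling has finished. */
static bool model_rescan(struct model_dev *d) { d->rescans++; return eh_can_finish(d); }

/* Regressed ordering: rescan runs while the state lock is still held. */
static bool set_running_locked_rescan(struct model_dev *d)
{
    if (!try_lock(d)) return false;
    d->state = DEV_RUNNING;
    bool ok = model_rescan(d);       /* false models the hang */
    unlock(d);
    return ok;
}
/* Fixed ordering: decide under the lock, rescan only after dropping it. */
static bool set_running_fixed(struct model_dev *d)
{
    if (!try_lock(d)) return false;
    bool need_rescan = (d->state != DEV_RUNNING);  /* no extra scan if already running */
    d->state = DEV_RUNNING;
    unlock(d);
    return need_rescan ? model_rescan(d) : true;
}
int main(void)
{
    struct model_dev a, b;
    model_dev_init(&a, DEV_OFFLINE); model_dev_init(&b, DEV_OFFLINE);
    printf("under lock: %d, after unlock: %d\n", set_running_locked_rescan(&a), set_running_fixed(&b));
    return 0;
}
```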
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Locking
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Red Os
Suse