CVE-2023-53124

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-53124

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53124.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-53124

Related

UBUNTU-CVE-2023-53124

Published

2025-05-02T16:15:31Z

Modified

2025-05-05T22:55:37.137756Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportport_add()

Port is allocated by sasportallocnum() and rphy is allocated by either sasenddevicealloc() or sasexpanderalloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access.

If sasrphyadd() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.

References

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.178-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.25-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.25-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}