CVE-2023-53038
- Source
- https://cve.org/CVERecord?id=CVE-2023-53038
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53038.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53038
- Downstream
- Related
- Published
- 2025-05-02T15:54:57.091Z
- Modified
- 2026-04-03T13:14:42.315878352Z
- Summary
- scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: lpfc: Check kzalloc() in lpfcsli4cgnparamsread()
If kzalloc() fails in lpfcsli4cgnparamsread(), then we rely on lpfcreadobject()'s routine to NULL check pdata.
Currently, an early return error is thrown from lpfcreadobject() to protect us from NULL ptr dereference, but the errno code is -ENODEV.
Change the errno code to a more appropriate -ENOMEM.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53038.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/312320b0e0ec21249a17645683fe5304d796aec1
- https://git.kernel.org/stable/c/4829a1e1171536978b240a1438789c2e4d5c9715
- https://git.kernel.org/stable/c/67b8343998b84418bc5b5206aa01fe9b461a80ef
- https://git.kernel.org/stable/c/908dd9a0853a88155a5a36018c7e2b32ccf20379
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53038.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53038
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced72df8a452883b0be334396acba07df77c3c3f6c7Fixed67b8343998b84418bc5b5206aa01fe9b461a80efFixed4829a1e1171536978b240a1438789c2e4d5c9715Fixed908dd9a0853a88155a5a36018c7e2b32ccf20379Fixed312320b0e0ec21249a17645683fe5304d796aec1