CVE-2023-53124

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-53124
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53124.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53124
Downstream
Related
Published
2025-05-02T16:15:31Z
Modified
2025-08-09T20:01:28Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportport_add()

Port is allocated by sasportallocnum() and rphy is allocated by either sasenddevicealloc() or sasexpanderalloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access.

If sasrphyadd() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.

References

Affected packages