CVE-2023-53124
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53124
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53124.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53124
- Downstream
- Related
- Published
- 2025-05-02T16:15:31Z
- Modified
- 2025-08-09T20:01:28Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportport_add()
Port is allocated by sasportallocnum() and rphy is allocated by either sasenddevicealloc() or sasexpanderalloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access.
If sasrphyadd() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.
- References
-
- https://git.kernel.org/stable/c/090305c36185c0547e4441d4c08f1cf096b32134
- https://git.kernel.org/stable/c/6f0c2f70d9929208d8427ec72c3ed91e2251e289
- https://git.kernel.org/stable/c/9937f784a608944107dcc2ba9a9c3333f8330b9e
- https://git.kernel.org/stable/c/a26c775ccc4cfe46f9b718b51bd24313053c7e0b
- https://git.kernel.org/stable/c/b5e5bbb3fa5f8412e96c5eda7f4a4af6241d6bd3
- https://git.kernel.org/stable/c/d3c57724f1569311e4b81e98fad0931028b9bdcd