Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-53124

Опубликовано: 02 мая 2025
Источник: nvd
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()

Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access.

If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.4.229 (включая) до 5.4.238 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.10.163 (включая) до 5.10.176 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.15.86 (включая) до 5.15.104 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.0.16 (включая) до 6.1 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.1.2 (включая) до 6.1.21 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.2 (включая) до 6.2.8 (исключая)
cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*

EPSS

Процентиль: 5%
0.00021
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2023-53124

CVSS3: 5.5
ubuntu
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.

redhat логотип

CVE-2023-53124

CVSS3: 5.5
redhat
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.

debian логотип

CVE-2023-53124

CVSS3: 5.5
debian
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: s ...

redos логотип

ROS-20260202-73-0017

CVSS3: 5.5
redos
5 дней назад

Уязвимость kernel-lt

github логотип

GHSA-726g-xghf-35vc

CVSS3: 5.5
github
9 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.

EPSS

Процентиль: 5%
0.00021
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-476