- Vulnerability/
- CVE-2023-53124
2/5/2025
2/5/2025
CVE-2023-53124: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
First published: Fri May 02 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/090305c36185c0547e4441d4c08f1cf096b32134
- https://git.kernel.org/stable/c/6f0c2f70d9929208d8427ec72c3ed91e2251e289
- https://git.kernel.org/stable/c/9937f784a608944107dcc2ba9a9c3333f8330b9e
- https://git.kernel.org/stable/c/b5e5bbb3fa5f8412e96c5eda7f4a4af6241d6bd3
- https://git.kernel.org/stable/c/a26c775ccc4cfe46f9b718b51bd24313053c7e0b
- https://git.kernel.org/stable/c/d3c57724f1569311e4b81e98fad0931028b9bdcd
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/author
- agent/source
- agent/last-modified-date
- agent/tags
- agent/event