Description

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an internal HBA port data structure. However, in some places, the reference to the freed memory is not cleared. When the firmware sends the Device Info change event for the same device again, the freed memory is accessed and that leads to memory corruption and OS crash.

INFO

Published Date :

2025-05-02T15:54:56.229Z

Last Modified :

2025-05-12T14:19:20.588Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53037 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53037.

URL Resource
https://git.kernel.org/stable/c/1f822ae8fb2a20fffa71e9bfa9b203c03d72d3ba cve-icon cve-icon
https://git.kernel.org/stable/c/8e45183978d64699df639e795235433a60f35047 cve-icon cve-icon
https://git.kernel.org/stable/c/aa11e4b6cdb403b9fdef6939550f6b36dd61624d cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050201-CVE-2023-53037-afe2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53037 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53037 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact