Description

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.

INFO

Published Date :

2025-05-02T15:56:00.500Z

Last Modified :

2025-05-04T12:50:29.100Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53124 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53124.

URL Resource
https://git.kernel.org/stable/c/090305c36185c0547e4441d4c08f1cf096b32134 cve-icon cve-icon
https://git.kernel.org/stable/c/6f0c2f70d9929208d8427ec72c3ed91e2251e289 cve-icon cve-icon
https://git.kernel.org/stable/c/9937f784a608944107dcc2ba9a9c3333f8330b9e cve-icon cve-icon
https://git.kernel.org/stable/c/a26c775ccc4cfe46f9b718b51bd24313053c7e0b cve-icon cve-icon
https://git.kernel.org/stable/c/b5e5bbb3fa5f8412e96c5eda7f4a4af6241d6bd3 cve-icon cve-icon
https://git.kernel.org/stable/c/d3c57724f1569311e4b81e98fad0931028b9bdcd cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050232-CVE-2023-53124-9900@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53124 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53124 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact