CVE-2023-53603 (GCVE-0-2023-53603)
Vulnerability from cvelistv5
Published
2025-10-04 15:44
Modified
2025-10-29 10:50
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
scsi: qla2xxx: Avoid fcport pointer dereference
Klocwork reported warning of NULL pointer may be dereferenced. The routine
exits when sa_ctl is NULL and fcport is allocated after the exit call thus
causing NULL fcport pointer to dereference at the time of exit.
To avoid fcport pointer dereference, exit the routine when sa_ctl is NULL.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Version: 7b2fbfa4b2cd3a24c1760b85d842e928070d4744 Version: e0fb8ce2bb9e52c846e54ad2c58b5b7beb13eb09 Version: e0fb8ce2bb9e52c846e54ad2c58b5b7beb13eb09 Version: e0fb8ce2bb9e52c846e54ad2c58b5b7beb13eb09 Version: 47b583ad1f7e459689eb1bdd222279a6986ccd69 Version: d2deafaef0330a863b5e046c1154b605588d19f7 |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_edif.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4406fe8a96a946c7ea5724ee59625755a1d9c59d",
"status": "affected",
"version": "7b2fbfa4b2cd3a24c1760b85d842e928070d4744",
"versionType": "git"
},
{
"lessThan": "477bc74ad1add644b606bff6ba1284943c42818a",
"status": "affected",
"version": "e0fb8ce2bb9e52c846e54ad2c58b5b7beb13eb09",
"versionType": "git"
},
{
"lessThan": "7bbeff613ec0560fb2f6f8b405288f3f043adf64",
"status": "affected",
"version": "e0fb8ce2bb9e52c846e54ad2c58b5b7beb13eb09",
"versionType": "git"
},
{
"lessThan": "6b504d06976fe4a61cc05dedc68b84fadb397f77",
"status": "affected",
"version": "e0fb8ce2bb9e52c846e54ad2c58b5b7beb13eb09",
"versionType": "git"
},
{
"status": "affected",
"version": "47b583ad1f7e459689eb1bdd222279a6986ccd69",
"versionType": "git"
},
{
"status": "affected",
"version": "d2deafaef0330a863b5e046c1154b605588d19f7",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/scsi/qla2xxx/qla_edif.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"lessThan": "6.0",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.121",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.40",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.*",
"status": "unaffected",
"version": "6.4.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.5",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.121",
"versionStartIncluding": "5.15.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.40",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4.5",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.19.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Avoid fcport pointer dereference\n\nKlocwork reported warning of NULL pointer may be dereferenced. The routine\nexits when sa_ctl is NULL and fcport is allocated after the exit call thus\ncausing NULL fcport pointer to dereference at the time of exit.\n\nTo avoid fcport pointer dereference, exit the routine when sa_ctl is NULL."
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T10:50:33.875Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4406fe8a96a946c7ea5724ee59625755a1d9c59d"
},
{
"url": "https://git.kernel.org/stable/c/477bc74ad1add644b606bff6ba1284943c42818a"
},
{
"url": "https://git.kernel.org/stable/c/7bbeff613ec0560fb2f6f8b405288f3f043adf64"
},
{
"url": "https://git.kernel.org/stable/c/6b504d06976fe4a61cc05dedc68b84fadb397f77"
}
],
"title": "scsi: qla2xxx: Avoid fcport pointer dereference",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-53603",
"datePublished": "2025-10-04T15:44:13.820Z",
"dateReserved": "2025-10-04T15:40:38.479Z",
"dateUpdated": "2025-10-29T10:50:33.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-53603\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-10-04T16:15:56.940\",\"lastModified\":\"2025-10-06T14:56:21.733\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nscsi: qla2xxx: Avoid fcport pointer dereference\\n\\nKlocwork reported warning of NULL pointer may be dereferenced. The routine\\nexits when sa_ctl is NULL and fcport is allocated after the exit call thus\\ncausing NULL fcport pointer to dereference at the time of exit.\\n\\nTo avoid fcport pointer dereference, exit the routine when sa_ctl is NULL.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4406fe8a96a946c7ea5724ee59625755a1d9c59d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/477bc74ad1add644b606bff6ba1284943c42818a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6b504d06976fe4a61cc05dedc68b84fadb397f77\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7bbeff613ec0560fb2f6f8b405288f3f043adf64\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}