5.5
CVE-2023-53066
- EPSS 0.05%
- Veröffentlicht 02.05.2025 15:55:19
- Zuletzt bearbeitet 12.11.2025 19:47:44
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
In the Linux kernel, the following vulnerability has been resolved: qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info We have to make sure that the info returned by the helper is valid before using it. Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.7 < 4.14.312
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.280
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.240
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.177
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.105
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.22
Linux ≫ Linux Kernel Version >= 6.2 < 6.2.9
Linux ≫ Linux Kernel Version6.3 Updaterc1
Linux ≫ Linux Kernel Version6.3 Updaterc2
Linux ≫ Linux Kernel Version6.3 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.154 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.