5.5
CVE-2023-53124
- EPSS 0.02%
- Veröffentlicht 02.05.2025 15:56:00
- Zuletzt bearbeitet 10.11.2025 17:49:51
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we need to check the rphy to avoid possible NULL pointer access. If sas_rphy_add() returned with failure, rphy is set to NULL. We would access the rphy in the following lines which would also result NULL pointer access.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.4.229 < 5.4.238
Linux ≫ Linux Kernel Version >= 5.10.163 < 5.10.176
Linux ≫ Linux Kernel Version >= 5.15.86 < 5.15.104
Linux ≫ Linux Kernel Version >= 6.0.16 < 6.1
Linux ≫ Linux Kernel Version >= 6.1.2 < 6.1.21
Linux ≫ Linux Kernel Version >= 6.2 < 6.2.8
Linux ≫ Linux Kernel Version6.3 Updaterc1
Linux ≫ Linux Kernel Version6.3 Updaterc2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.031 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.