CVE-2023-53451 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

References

Link	Providers
https://git.kernel.org/stable/c/02405f4023866ae91a611b5b85cb2e074ec2de5a
https://git.kernel.org/stable/c/2bea9c1c983152c5411f5a2f1113cb790ce1389d
https://git.kernel.org/stable/c/464ea494a40c6e3e0e8f91dd325408aaf21515ba
https://git.kernel.org/stable/c/4f90a8b0481615622bd0558aa8cf361bea872045
https://git.kernel.org/stable/c/5a52a2e14fe866541bbc0033058e44bf0bf0c580
https://git.kernel.org/stable/c/af7affc0f6b82a5bde430fc4f0dcf70963442fbc
https://git.kernel.org/stable/c/ce2cdbe530b0066bae1f98dbab590a232d507eaa
https://git.kernel.org/stable/c/ee4c9a93238b9ce3703942500cb1aeacf77090d2
https://lore.kernel.org/linux-cve-announce/2025100103-CVE-2023-53451-bb02@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53451
https://www.cve.org/CVERecord?id=CVE-2023-53451

History

Thu, 02 Oct 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100103-CVE-2023-53451-bb02@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53451 https://www.cve.org/CVERecord?id=CVE-2023-53451
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Thu, 02 Oct 2025 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Wed, 01 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate pointer before dereferencing the pointer.
Title		scsi: qla2xxx: Fix potential NULL pointer dereference
References		https://git.kernel.org/stable/c/02405f4023866ae91a611b5b85cb2e074ec2de5a https://git.kernel.org/stable/c/2bea9c1c983152c5411f5a2f1113cb790ce1389d https://git.kernel.org/stable/c/464ea494a40c6e3e0e8f91dd325408aaf21515ba https://git.kernel.org/stable/c/4f90a8b0481615622bd0558aa8cf361bea872045 https://git.kernel.org/stable/c/5a52a2e14fe866541bbc0033058e44bf0bf0c580 https://git.kernel.org/stable/c/af7affc0f6b82a5bde430fc4f0dcf70963442fbc https://git.kernel.org/stable/c/ce2cdbe530b0066bae1f98dbab590a232d507eaa https://git.kernel.org/stable/c/ee4c9a93238b9ce3703942500cb1aeacf77090d2

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T11:42:22.857Z

Updated: 2025-10-01T11:42:22.857Z

Reserved: 2025-09-17T14:54:09.754Z

Link: CVE-2023-53451

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-01T12:15:43.413

Modified: 2025-10-01T12:15:43.413

Link: CVE-2023-53451

Redhat

Severity : Low

Publid Date: 2025-10-01T00:00:00Z

Links: CVE-2023-53451 - Bugzilla

OpenCVE Enrichment

Updated: 2025-10-02T08:39:58Z

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53451", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-17T14:54:09.754Z", "datePublished": "2025-10-01T11:42:22.857Z", "dateUpdated": "2025-10-01T11:42:22.857Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-01T11:42:22.857Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix potential NULL pointer dereference\n\nKlocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate\npointer before dereferencing the pointer."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/qla2xxx/qla_iocb.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "02405f4023866ae91a611b5b85cb2e074ec2de5a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ee4c9a93238b9ce3703942500cb1aeacf77090d2", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "4f90a8b0481615622bd0558aa8cf361bea872045", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "2bea9c1c983152c5411f5a2f1113cb790ce1389d", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "5a52a2e14fe866541bbc0033058e44bf0bf0c580", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ce2cdbe530b0066bae1f98dbab590a232d507eaa", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "af7affc0f6b82a5bde430fc4f0dcf70963442fbc", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "464ea494a40c6e3e0e8f91dd325408aaf21515ba", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/qla2xxx/qla_iocb.c"], "versions": [{"version": "4.14.322", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.291", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.251", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.188", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.121", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.40", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.5", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.14.322"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.19.291"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.4.251"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.188"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.121"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.40"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/02405f4023866ae91a611b5b85cb2e074ec2de5a"}, {"url": "https://git.kernel.org/stable/c/ee4c9a93238b9ce3703942500cb1aeacf77090d2"}, {"url": "https://git.kernel.org/stable/c/4f90a8b0481615622bd0558aa8cf361bea872045"}, {"url": "https://git.kernel.org/stable/c/2bea9c1c983152c5411f5a2f1113cb790ce1389d"}, {"url": "https://git.kernel.org/stable/c/5a52a2e14fe866541bbc0033058e44bf0bf0c580"}, {"url": "https://git.kernel.org/stable/c/ce2cdbe530b0066bae1f98dbab590a232d507eaa"}, {"url": "https://git.kernel.org/stable/c/af7affc0f6b82a5bde430fc4f0dcf70963442fbc"}, {"url": "https://git.kernel.org/stable/c/464ea494a40c6e3e0e8f91dd325408aaf21515ba"}], "title": "scsi: qla2xxx: Fix potential NULL pointer dereference", "x_generator": {"engine": "bippy-1.2.0"}}}}