CVE-2023-53603 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to dereference at the time of exit. To avoid fcport pointer dereference, exit the routine when sa_ctl is NULL.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/4406fe8a96a946c7ea5724ee59625755a1d9c59d
https://git.kernel.org/stable/c/477bc74ad1add644b606bff6ba1284943c42818a
https://git.kernel.org/stable/c/6b504d06976fe4a61cc05dedc68b84fadb397f77
https://git.kernel.org/stable/c/7bbeff613ec0560fb2f6f8b405288f3f043adf64

History

Sat, 04 Oct 2025 16:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to dereference at the time of exit. To avoid fcport pointer dereference, exit the routine when sa_ctl is NULL.
Title		scsi: qla2xxx: Avoid fcport pointer dereference
References		https://git.kernel.org/stable/c/4406fe8a96a946c7ea5724ee59625755a1d9c59d https://git.kernel.org/stable/c/477bc74ad1add644b606bff6ba1284943c42818a https://git.kernel.org/stable/c/6b504d06976fe4a61cc05dedc68b84fadb397f77 https://git.kernel.org/stable/c/7bbeff613ec0560fb2f6f8b405288f3f043adf64

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-04T15:44:13.820Z

Updated: 2025-10-04T15:44:13.820Z

Reserved: 2025-10-04T15:40:38.479Z

Link: CVE-2023-53603

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-04T16:15:56.940

Modified: 2025-10-04T16:15:56.940

Link: CVE-2023-53603

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53603", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-10-04T15:40:38.479Z", "datePublished": "2025-10-04T15:44:13.820Z", "dateUpdated": "2025-10-04T15:44:13.820Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-04T15:44:13.820Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Avoid fcport pointer dereference\n\nKlocwork reported warning of NULL pointer may be dereferenced. The routine\nexits when sa_ctl is NULL and fcport is allocated after the exit call thus\ncausing NULL fcport pointer to dereference at the time of exit.\n\nTo avoid fcport pointer dereference, exit the routine when sa_ctl is NULL."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/qla2xxx/qla_edif.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "4406fe8a96a946c7ea5724ee59625755a1d9c59d", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "477bc74ad1add644b606bff6ba1284943c42818a", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "7bbeff613ec0560fb2f6f8b405288f3f043adf64", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "6b504d06976fe4a61cc05dedc68b84fadb397f77", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/qla2xxx/qla_edif.c"], "versions": [{"version": "5.15.121", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.40", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.5", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.121"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.40"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4406fe8a96a946c7ea5724ee59625755a1d9c59d"}, {"url": "https://git.kernel.org/stable/c/477bc74ad1add644b606bff6ba1284943c42818a"}, {"url": "https://git.kernel.org/stable/c/7bbeff613ec0560fb2f6f8b405288f3f043adf64"}, {"url": "https://git.kernel.org/stable/c/6b504d06976fe4a61cc05dedc68b84fadb397f77"}], "title": "scsi: qla2xxx: Avoid fcport pointer dereference", "x_generator": {"engine": "bippy-1.2.0"}}}}