CVE-2023-53150

Summary

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla2xxx: Pointer may be dereferenced

Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport() may be NULL and will be dereferenced.

Add a fix to validate rport before dereferencing.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < 005961bd8f066fe931104f67c34ebfcc7f240099affected
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < a69125a3ce88d9a386872034e7664b30cc4bcbedaffected
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < 3f22f9ddbb29dba369daddb084be3bacf1587529affected
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < 5addd62586a94a572359418464ce0ae12fa46187affected
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < 0715da51391d223bf4981e28346770edea7eeb74affected
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < b06d1b525364bbcf4929b4b35d81945b10dc9883affected
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < 22b1d7c8bb59c3376430a8bad5840194b12bf29aaffected
LinuxLinux7c3df1320e5e875478775e78d01a09aee96b8abe < 00eca15319d9ce8c31cdf22f32a3467775423df4affected
LinuxLinux3.1affected
LinuxLinux0 < 3.1unaffected
LinuxLinux4.14.322 <= 4.14.*unaffected
LinuxLinux4.19.291 <= 4.19.*unaffected
LinuxLinux5.4.251 <= 5.4.*unaffected
LinuxLinux5.10.188 <= 5.10.*unaffected
LinuxLinux5.15.121 <= 5.15.*unaffected
LinuxLinux6.1.40 <= 6.1.*unaffected
LinuxLinux6.4.5 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References