| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()\n\nPort is allocated by sas_port_alloc_num() and rphy is allocated by either\nsas_end_device_alloc() or sas_expander_alloc(), all of which may return\nNULL. So we need to check the rphy to avoid possible NULL pointer access.\n\nIf sas_rphy_add() returned with failure, rphy is set to NULL. We would\naccess the rphy in the following lines which would also result NULL pointer\naccess." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/scsi/mpt3sas/mpt3sas_transport.c" |
| ], |
| "versions": [ |
| { |
| "version": "d60000cb1195a464080b0efb4949daf7594e0020", |
| "lessThan": "090305c36185c0547e4441d4c08f1cf096b32134", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "ce1a69cc85006b494353911b35171da195d79e25", |
| "lessThan": "6f0c2f70d9929208d8427ec72c3ed91e2251e289", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "6a92129c8f999ff5b122c100ce7f625eb3e98c4b", |
| "lessThan": "9937f784a608944107dcc2ba9a9c3333f8330b9e", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "d17bca3ddfe507874cb826d32721552da12e741f", |
| "lessThan": "b5e5bbb3fa5f8412e96c5eda7f4a4af6241d6bd3", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "78316e9dfc24906dd474630928ed1d3c562b568e", |
| "lessThan": "a26c775ccc4cfe46f9b718b51bd24313053c7e0b", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "78316e9dfc24906dd474630928ed1d3c562b568e", |
| "lessThan": "d3c57724f1569311e4b81e98fad0931028b9bdcd", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "6f6768e2fc8638fabdd8802c2ef693d7aef01db1", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/scsi/mpt3sas/mpt3sas_transport.c" |
| ], |
| "versions": [ |
| { |
| "version": "6.2", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "6.2", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.238", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.176", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.104", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.1.21", |
| "lessThanOrEqual": "6.1.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.2.8", |
| "lessThanOrEqual": "6.2.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "6.3", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.4.229", |
| "versionEndExcluding": "5.4.238" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.10.163", |
| "versionEndExcluding": "5.10.176" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.15.86", |
| "versionEndExcluding": "5.15.104" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.1.2", |
| "versionEndExcluding": "6.1.21" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.2", |
| "versionEndExcluding": "6.2.8" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.2", |
| "versionEndExcluding": "6.3" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "6.0.16" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/090305c36185c0547e4441d4c08f1cf096b32134" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/6f0c2f70d9929208d8427ec72c3ed91e2251e289" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/9937f784a608944107dcc2ba9a9c3333f8330b9e" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/b5e5bbb3fa5f8412e96c5eda7f4a4af6241d6bd3" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/a26c775ccc4cfe46f9b718b51bd24313053c7e0b" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/d3c57724f1569311e4b81e98fad0931028b9bdcd" |
| } |
| ], |
| "title": "scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2023-53124", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
