| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025123028-CVE-2023-54289-5309@gregkh> Date: Tue, 30 Dec 2025 13:23:42 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-54289: scsi: qedf: Fix NULL dereference in error handling From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues() warn: missing unwind goto? At this point in the function, nothing has been allocated so we can return directly. In particular the "qedf->global_queues" have not been allocated so calling qedf_free_global_queues() will lead to a NULL dereference when we check if (!gl[i]) and "gl" is NULL. The Linux kernel CVE team has assigned CVE-2023-54289 to this issue. Affected and fixed versions =========================== Issue introduced in 4.11 with commit 61d8658b4a435eac729966cc94cdda077a8df5cd and fixed in 5.4.251 with commit 961c8370c5f7e80a267680476e1bcff34bffe71a Issue introduced in 4.11 with commit 61d8658b4a435eac729966cc94cdda077a8df5cd and fixed in 5.10.188 with commit ac64019e4d4b08c23edb117e0b2590985e33de1d Issue introduced in 4.11 with commit 61d8658b4a435eac729966cc94cdda077a8df5cd and fixed in 5.15.121 with commit b1de5105d29b145b727b797e2d5de071ab3a7ca1 Issue introduced in 4.11 with commit 61d8658b4a435eac729966cc94cdda077a8df5cd and fixed in 6.1.39 with commit c316bde418af4c2a9df51149ed01d1bd8ca5bebf Issue introduced in 4.11 with commit 61d8658b4a435eac729966cc94cdda077a8df5cd and fixed in 6.3.13 with commit 08c001c1e9444a3046c79a99aa93ac48073b18cc Issue introduced in 4.11 with commit 61d8658b4a435eac729966cc94cdda077a8df5cd and fixed in 6.4.4 with commit 271c9b2eb60149afbeab28cb39e52f73bde9900c Issue introduced in 4.11 with commit 61d8658b4a435eac729966cc94cdda077a8df5cd and fixed in 6.5 with commit f025312b089474a54e4859f3453771314d9e3d4f Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-54289 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/scsi/qedf/qedf_main.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/961c8370c5f7e80a267680476e1bcff34bffe71a https://git.kernel.org/stable/c/ac64019e4d4b08c23edb117e0b2590985e33de1d https://git.kernel.org/stable/c/b1de5105d29b145b727b797e2d5de071ab3a7ca1 https://git.kernel.org/stable/c/c316bde418af4c2a9df51149ed01d1bd8ca5bebf https://git.kernel.org/stable/c/08c001c1e9444a3046c79a99aa93ac48073b18cc https://git.kernel.org/stable/c/271c9b2eb60149afbeab28cb39e52f73bde9900c https://git.kernel.org/stable/c/f025312b089474a54e4859f3453771314d9e3d4f
Powered by blists - more mailing lists