CVE-2023-54014

scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be dereferenced.
rport returned by call to fc_bsg_to_rport() could be NULL and dereferenced. Check valid rport returned by fc_bsg_to_rport().

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-12-24 CVE Reserved
2025-12-24 CVE Published
2025-12-30 EPSS Updated
2026-01-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/75cc8cfc6e13d42d50c2bf4307d0a68c2a70f709	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/f35bd94b4e11c41de90cd0fa72c9062e8196822f	2023-08-11
https://git.kernel.org/stable/c/ccd3bc595bda67db5a347b9050c2df28f292d3fb	2023-08-11
https://git.kernel.org/stable/c/1b7e5bdf2be22ae8c61bdca5a5f96ec2746e9639	2023-07-27
https://git.kernel.org/stable/c/921d6844625527a92d1178262a633cc88a8e61bd	2023-07-27
https://git.kernel.org/stable/c/1ccd52b790a66b8b5f75c87eab8c3a37f941a2bf	2023-07-23
https://git.kernel.org/stable/c/e466930717ef18c112585a39fc6174d8eb441df5	2023-07-23
https://git.kernel.org/stable/c/ced5460eae772e847debbc0b65ef93aedab92d3f	2023-07-23
https://git.kernel.org/stable/c/af73f23a27206ffb3c477cac75b5fcf03410556e	2023-06-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 4.14.322 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.14.322"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 4.19.291 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.19.291"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.4.251 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.4.251"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.10.188 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.10.188"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 5.15.121 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 5.15.121"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.1.40 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.1.40"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.4.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.4.5"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 6.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 6.5"		en		Affected