DEBIAN-CVE-2023-53603

DEBIAN-CVE-2023-53603 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sa_ctl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to dereference at the time of exit. To avoid fcport pointer dereference, exit the routine when sa_ctl is NULL.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:14	linux	0, 0, 0
Debian:13	linux	0, 0, 0
Debian:12	linux	6.1.37-1, 6.1.38-3, 6.1.38-4

Timeline

Oct 4, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-53603 advisory

Open in Interactive Console →