CVE-2023-52809: scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()

fc_lport_ptp_setup() did not check the return value of fc_rport_create(),
which can return NULL and would cause a NULL pointer dereference. Address
this issue by checking the return value of fc_rport_create() and logging an
error message when fc_rport_create() fails.

Classification

CVE ID: CVE-2023-52809

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.08% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-04 (date this score was calculated)

References

https://git.kernel.org/stable/c/930f0aaba4820d6362de4e6ed569eaf444f1ea4e
https://git.kernel.org/stable/c/77072ec41d6ab3718c3fc639bc149b8037caedfa
https://git.kernel.org/stable/c/b549acf999824d4f751ca57965700372f2f3ad00
https://git.kernel.org/stable/c/bb83f79f90e92f46466adcfd4fd264a7ae0f0f01
https://git.kernel.org/stable/c/56d78b5495ebecbb9395101f3be177cd0a52450b
https://git.kernel.org/stable/c/442fd24d7b6b29e4a9cd9225afba4142d5f522ba
https://git.kernel.org/stable/c/f6fe7261b92b21109678747f36df9fdab1e30c34
https://git.kernel.org/stable/c/6b9ecf4e1032e645873933e5b43cbb84cac19106
https://git.kernel.org/stable/c/4df105f0ce9f6f30cda4e99f577150d23f0c9c5f

Timeline