Security Advisory

CVE-2023-53038

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-02 15:54:57
Last updated 2026-05-11 19:37:21
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() If kzalloc() fails in lpfc_sli4_cgn_params_read(), then we rely on lpfc_read_object()s routine to NULL check pdata. Currently, an early return error is thrown from lpfc_read_object() to protect us from NULL ptr dereference, but the errno code is -ENODEV. Change the errno code to a more appropriate -ENOMEM.