PT-2025-37686 · Linux+4 · Linux Kernel+5

Published

2023-07-31

·

Updated

2026-04-14

·

CVE-2023-53245

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The storvsc driver in the Linux kernel mishandles virtual Fibre Channel timeouts when integrating with the Fibre Channel transport in the SCSI subsystem. Specifically, the fc_eh_timed_out() function causes a kernel panic due to a NULL pointer dereference when called from the storvsc driver. The issue occurs because of incomplete integration with Hyper-V's Fibre Channel functionality. The fix removes the call to fc_eh_timed_out() from storvsc, allowing the driver to continue waiting for a response instead of panicking.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference


Weakness Enumeration

Related Identifiers

BDU:2026-03955
CVE-2023-53245
RHSA-2023:5604
RHSA-2023:5627
RHSA-2023:6583
RHSA-2023:7077
SUSE-SU-2025:03600-1
SUSE-SU-2025:03614-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1

Affected Products

Astra Linux
Hyper-V
Linux Kernel
Red Os
Suse
Storvsc