PT-2025-52971 · Unknown+1 · Qla2Xxx Driver+1

Published

2025-12-24

Updated

2026-03-24

CVE-2023-54014

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the scsi subsystem, specifically in the qla2xxx driver. A check for a valid return value from the fc bsg to rport() function was missing, potentially leading to a null pointer dereference if the function returned a NULL value for the rport. This issue was identified by Klocwork, a static code analysis tool.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-54014

OESA-2026-1231

RHSA-2024:2394

RHSA-2024:3138

SUSE-SU-2026:0263-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0316-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Linux Kernel

Qla2Xxx Driver

PT-2025-52971 · Unknown+1 · Qla2Xxx Driver+1

CVE-2023-54014

Related Identifiers

Affected Products

References · 2265