CVE Vulnerabilities

CVE-2023-53456

Published: Oct 01, 2025 | Modified: Oct 01, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

In the Linux kernel, the following vulnerability has been resolved:

scsi: qla4xxx: Add length check when parsing nlattrs

There are three places that qla4xxx parses nlattrs:

  • qla4xxx_set_chap_entry()

  • qla4xxx_iface_set_param()

  • qla4xxx_sysfs_ddb_set_param()

and each of them directly converts the nlattr to specific pointer of structure without length checking. This could be dangerous as those attributes are not validated and a malformed nlattr (e.g., length 0) could result in an OOB read that leaks heap dirty data.

Add the nla_len check before accessing the nlattr data and return EINVAL if the length check fails.

References