CVE-2023-53124 – MPT3SAS NULL Pointer Access Vulnerability

May 2, 2025

CVE ID : CVE-2023-53124

Published : May 2, 2025, 4:15 p.m. | 34 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()

Port is allocated by sas_port_alloc_num() and rphy is allocated by either
sas_end_device_alloc() or sas_expander_alloc(), all of which may return
NULL. So we need to check the rphy to avoid possible NULL pointer access.

If sas_rphy_add() returned with failure, rphy is set to NULL. We would
access the rphy in the following lines which would also result NULL pointer
access.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2023-53127 – Linux Kernel SCSI MPI3MR Resource Leak Vulnerability

Next Article CVE-2023-53125 – “Linux Kernel SMSc75xx Network Stack Buffer Overflow”

Highlights

CVE-2025-49137 – HAX CMS Cross-Site Scripting (XSS)

June 9, 2025

CVE ID : CVE-2025-49137

Published : June 9, 2025, 9:15 p.m. | 2 hours, 44 minutes ago

Description : HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, the application does not sufficiently sanitize user input, allowing for the execution of arbitrary JavaScript code. The ‘saveNode’ and ‘saveManifest’ endpoints take user input and store it in the JSON schema for the site. This content is then rendered in the generated HAX site. Although the application does not allow users to supply a `script` tag, it does allow the use of other HTML tags to run JavaScript. Version 11.0.0 fixes the issue.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

‘No aggressive monetization’ — Nexus Mods’ new ownership responds to worried members

Build AI Agents That Run Your Day – While You Focus on What Matters

Build AI Agents That Run Your Day – While You Focus on What Matters

Faster Builds in Meteor 3.3: Modern Build Stack with SWC and Bundler Optimizations

How to Change Redirect After Login/Register in Laravel Breeze

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

CVE-2023-53124 – MPT3SAS NULL Pointer Access Vulnerability

The “Infinite Workday” is Here: Microsoft Warns of Never-Ending Work Driven by Hybrid Models & AI

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping

Warhol Arts: A Digital Playground of Pop, Pixels, and Pure Motion

Building Fully Autonomous Data Analysis Pipelines with the PraisonAI Agent Framework: A Coding Implementation

Laravel 12 Starter Kits: Definite Guide Which to Choose

extundelete recovers deleted files from ext3 or ext4 partitions

CVE-2025-49137 – HAX CMS Cross-Site Scripting (XSS)

An Animated Introduction to Elixir

Microsoft’s Copilot is trying to appeal to the masses — now power users are leaving it behind

CVE-2025-5018 – WordPress Hive Support Plugin Unauthenticated Data Manipulation Vulnerability

CVE-2023-53124 – MPT3SAS NULL Pointer Access Vulnerability

Related Posts