CVE-2023-53754
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2023-53754, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-08

Last updated on: 2025-12-08

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() When if_type equals zero and pci_resource_start(pdev, PCI_64BIT_BAR4) returns false, drbl_regs_memmap_p is not remapped. This passes a NULL pointer to iounmap(), which can trigger a WARN() on certain arches. When if_type equals six and pci_resource_start(pdev, PCI_64BIT_BAR4) returns true, drbl_regs_memmap_p may has been remapped and ctrl_regs_memmap_p is not remapped. This is a resource leak and passes a NULL pointer to iounmap(). To fix these issues, we need to add null checks before iounmap(), and change some goto labels.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-08
Last Modified
2025-12-08
Generated
2026-07-06
AI Q&A
2025-12-08
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's SCSI lpfc driver involves improper handling of memory mapping and unmapping in the function lpfc_sli4_pci_mem_setup(). Specifically, when certain conditions related to if_type and pci_resource_start() are met, NULL pointers may be passed to the iounmap() function, which can trigger warnings or cause resource leaks. The fix involves adding null checks before calling iounmap() and adjusting control flow to prevent these issues.

Impact Analysis

The vulnerability can cause warnings or errors in the kernel due to passing NULL pointers to iounmap(), and may lead to resource leaks. This can affect system stability or reliability on affected architectures, potentially causing unexpected behavior or degraded performance.

Mitigation Strategies

Apply the patch or update to the Linux kernel version that includes the fix for the ioremap issues in lpfc_sli4_pci_mem_setup(), which adds null checks before iounmap() and corrects resource handling to prevent WARN() triggers and resource leaks.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53754. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart