Bug 2363747 (CVE-2023-53037)

Summary: CVE-2023-53037 kernel: scsi: mpi3mr: Bad drive in topology results kernel crash
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dfreiber, drow, jburrell, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2025-05-02 16:04:12 UTC 
In the Linux kernel, the following vulnerability has been resolved:

scsi: mpi3mr: Bad drive in topology results kernel crash

When the SAS Transport Layer support is enabled and a device exposed to
the OS by the driver fails INQUIRY commands, the driver frees up the memory
allocated for an internal HBA port data structure. However, in some places,
the reference to the freed memory is not cleared. When the firmware sends
the Device Info change event for the same device again, the freed memory is
accessed and that leads to memory corruption and OS crash.
Comment 1 Avinash Hanwate 2025-05-05 05:17:18 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025050201-CVE-2023-53037-afe2@gregkh/T