VYPR
Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Apr 15, 2026

CVE-2023-54289

CVE-2023-54289

Description

In the Linux kernel, the following vulnerability has been resolved:

scsi: qedf: Fix NULL dereference in error handling

Smatch reported:

drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues() warn: missing unwind goto?

At this point in the function, nothing has been allocated so we can return directly. In particular the "qedf->global_queues" have not been allocated so calling qedf_free_global_queues() will lead to a NULL dereference when we check if (!gl[i]) and "gl" is NULL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

146

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.