{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T18:03:04.422","vulnerabilities":[{"cve":{"id":"CVE-2023-53456","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-10-01T12:15:45.983","lastModified":"2026-01-16T21:09:17.963","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla4xxx: Add length check when parsing nlattrs\n\nThere are three places that qla4xxx parses nlattrs:\n\n - qla4xxx_set_chap_entry()\n\n - qla4xxx_iface_set_param()\n\n - qla4xxx_sysfs_ddb_set_param()\n\nand each of them directly converts the nlattr to specific pointer of\nstructure without length checking. This could be dangerous as those\nattributes are not validated and a malformed nlattr (e.g., length 0) could\nresult in an OOB read that leaks heap dirty data.\n\nAdd the nla_len check before accessing the nlattr data and return EINVAL if\nthe length check fails."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2","versionEndExcluding":"4.14.326","matchCriteriaId":"5101C2A9-BFF1-4181-A09E-AD65D7795F6B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.295","matchCriteriaId":"D419C7D6-F33D-4EF8-8950-1CB5DDF6A55D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.257","matchCriteriaId":"834BD148-28EC-43A4-A4F5-458124A1E39F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.195","matchCriteriaId":"C385B650-53DB-4BFB-83D1-1D8FADF653EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.132","matchCriteriaId":"5913891D-409A-4EEC-9231-F2EF5A493BC7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.53","matchCriteriaId":"B20754AF-3B8C-4574-A70D-EC24933810E5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.4.16","matchCriteriaId":"C3039EA3-F6CA-43EF-9F17-81A7EC6841EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.5.3","matchCriteriaId":"880C803A-BEAE-4DA0-8A59-AC023F7B4EE3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/25feffb3fbd51ae81d92c65cebc0e932663828b3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/47cd3770e31df942e2bb925a9a855c79ed0662eb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/47f3be62eab50b8cd7e1ae5fc2c4dae687497c34","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4ed21975311247bb84e82298eeb359ec0a0fa84d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5925e224cc6edfef57b20447f18323208461309b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6d65079c69dc1feb817ed71f5bd15e83a7d6832d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b018c0440b871d8b001c996e95fa4538bd292de6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cfa6a1a79ed6d336fac7a5d87eb5471e4401829f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f61fc650c47849637fa1771a31a11674c824138a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}