Linux Kernel Vulnerability in QLA2XXX by Broadcom
CVE-2023-53280

5.5 MEDIUM

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 16 September 2025

What is CVE-2023-53280?

This vulnerability in the Linux kernel arises from improper handling of the nvme_ls_waitq wait queue within the QLA2XXX driver. When the function qla2x00_start_sp(sp) returns the error code EAGAIN, the driver attempts to wake up a wait queue that was never initialized. The result is a NULL pointer dereference that crashes the system. The problematic queue logic has been addressed in recent commits for the affected kernel versions.

Affected Version(s)

Linux 5621b0dd74532c09965264c14958de3f85b498a6

Linux 5621b0dd74532c09965264c14958de3f85b498a6 < 0b1ce92fabdb7d02ddf8641230a06e2752ae5baa

Linux 5621b0dd74532c09965264c14958de3f85b498a6 < 522ee1b3030f3b6b5fd59489d12b4ca767c9e5da

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
