Null Pointer Dereference in Linux Kernel's RDMA Component Affecting CXGB4
CVE-2023-53335

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
17 September 2025

What is CVE-2023-53335?

A potential null pointer dereference vulnerability exists in the RDMA/cxgb4 component of the Linux kernel. If the function get_ep_from_tid() fails to retrieve a valid endpoint, the subsequent operations could dereference a null pointer, leading to undefined behavior or system instability. The patch addresses this issue by implementing a sanity check to validate the endpoint before it is used, ensuring enhanced stability and security.

Affected Version(s)

Linux 944661dd97f4f257cd914fffec7eb80832ff9141 < 9dca64042d855a24b0bd81ce242e5dc7e939f6eb

Linux 944661dd97f4f257cd914fffec7eb80832ff9141 < 2cfc00e974d75a3aa8155f2660f57d342e1f67ca

Linux 944661dd97f4f257cd914fffec7eb80832ff9141 < 9ddc77eefb2a567b705c3c86ab2ddabe43cadf1b

References

https://git.kernel.org/stable/c/9dca64042d855a24b0bd81ce2...
https://git.kernel.org/stable/c/2cfc00e974d75a3aa8155f266...
https://git.kernel.org/stable/c/9ddc77eefb2a567b705c3c86a...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-53335 : Null Pointer Dereference in Linux Kernel's RDMA Component Affecting CXGB4