Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2013-2850: iscsi-target: fix heap buffer overflow on error · torvalds/linux@cea4dcf

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.

CVE
#linux#dos#perl#buffer_overflow#auth#chrome

Permalink

Browse files

iscsi-target: fix heap buffer overflow on error

If a key was larger than 64 bytes, as checked by iscsi_check_key(), the error response packet, generated by iscsi_add_notunderstood_response(), would still attempt to copy the entire key into the packet, overflowing the structure on the heap.

Remote preauthentication kernel memory corruption was possible if a target was configured and listening on the network.

CVE-2013-2850

Signed-off-by: Kees Cook [email protected] Cc: [email protected] Signed-off-by: Nicholas Bellinger [email protected]

  • Loading branch information

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907