Buffer Overflow Vulnerability in Linux Kernel Affecting iSCSI Connections
CVE-2023-53676
What is CVE-2023-53676?
A vulnerability has been identified in the Linux kernel's handling of iSCSI connections, specifically in the lio_target_nacl_info_show() function. The function calls sprintf() inside a loop to output details for each iSCSI connection in a session, but it does not check the buffer length, so the output can overflow the buffer if there are too many iSCSI connections. The overflow can lead to memory corruption, which poses a significant security risk. The vulnerability has been addressed by replacing sprintf() with sysfs_emit_at(), which checks the buffer boundaries.
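The pattern described above, as an added userspace illustration (not the kernel's code or the upstream patch): emit_at() is a hypothetical stand-in modeled on sysfs_emit_at(), and PAGE_SZ, LINE_FMT, demo_page and the connection counts are constructed. Rather than performing the unchecked write, it measures how many bytes the sprintf() loop would need and compares that with what the bounded loop stores.

```c
#include <stdarg.h>
#include <stdio.h>

#define PAGE_SZ 4096 /* assumed size of the one-page output buffer */
#define LINE_FMT "CID: %d  Connection State: LOGGED_IN\n" /* constructed */

static char demo_page[PAGE_SZ]; /* constructed output buffer */

/* Hypothetical userspace stand-in for sysfs_emit_at(): refuses offsets
 * outside the page, never stores more than PAGE_SZ - at bytes, and
 * returns the characters actually stored (excluding the NUL). */
static int emit_at(char *buf, int at, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (!buf || at < 0 || at >= PAGE_SZ)
        return 0;
    va_start(ap, fmt);
    n = vsnprintf(buf + at, (size_t)(PAGE_SZ - at), fmt, ap);
    va_end(ap);
    if (n < 0)
        return 0;
    return n < PAGE_SZ - at ? n : PAGE_SZ - at - 1;
}

/* Bytes the unchecked pattern "rb += sprintf(page + rb, ...)" would
 * write for nconn connections; measured only, nothing is stored. */
static size_t unbounded_need(int nconn)
{
    size_t need = 0;
    for (int i = 0; i < nconn; i++)
        need += (size_t)snprintf(NULL, 0, LINE_FMT, i);
    return need;
}

/* Same loop with the bounded helper: output is truncated at the page. */
static int bounded_show(char *page, int nconn)
{
    int rb = 0;
    for (int i = 0; i < nconn; i++)
        rb += emit_at(page, rb, LINE_FMT, i);
    return rb;
}

int main(void)
{
    printf("unchecked loop needs %zu bytes; bounded loop stored %d of %d\n",
           unbounded_need(200), bounded_show(demo_page, 200), PAGE_SZ);
    return 0;
}
```

With 200 constructed connections the unchecked loop would need well over one page, while the bounded loop stops at the last byte of the page and keeps the output NUL-terminated.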
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 114b44dddea1f8f99576de3c0e6e9059012002fc
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6