Buffer Overflow Vulnerability in Linux Kernel Affecting iSCSI Connections
CVE-2023-53676

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 7 October 2025

What is CVE-2023-53676?

A vulnerability has been identified in the Linux kernel's handling of iSCSI connections, specifically in the lio_target_nacl_info_show() function. This function calls sprintf() inside a loop to output details for each iSCSI connection in a session, but it does not check how much of the output buffer remains. If a session has enough active iSCSI connections, the accumulated output can overflow the buffer and corrupt memory, which poses a significant security risk. The fix replaces sprintf() with sysfs_emit_at(), which checks the buffer boundary on each write.
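The pattern described above, modelled in userspace as an added example (not the kernel's code): `emit_at()` is a hypothetical stand-in for a bounds-checked emit in the style of sysfs_emit_at(), and the line format, the one-page buffer size and the connection count are constructed for illustration. It measures how many bytes an unchecked sprintf() loop would need and shows the bounded loop stopping at the end of the buffer.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SZ 4096 /* assumed size of the show() output buffer */
#define FMT "CID: %d  Connection State: LOGGED_IN\n" /* constructed format */

/* Hypothetical bounded emit: never writes past buf[PAGE_SZ - 1].
 * Returns the number of characters stored, excluding the NUL. */
static int emit_at(char *buf, int at, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (at < 0 || at >= PAGE_SZ)
        return 0;                     /* offset outside the buffer */
    va_start(ap, fmt);
    n = vsnprintf(buf + at, PAGE_SZ - at, fmt, ap);
    va_end(ap);
    if (n < 0)
        return 0;
    if (n >= PAGE_SZ - at)
        n = PAGE_SZ - at - 1;         /* output was truncated */
    return n;
}

/* Bytes an unchecked sprintf() loop would write for nconn connections. */
static size_t unchecked_len(int nconn)
{
    size_t total = 0;
    for (int cid = 0; cid < nconn; cid++)
        total += (size_t)snprintf(NULL, 0, FMT, cid);
    return total;
}

/* The same loop with a bounded emit; returns bytes stored in buf. */
static int show_bounded(char *buf, int nconn)
{
    int len = 0;
    for (int cid = 0; cid < nconn; cid++)
        len += emit_at(buf, len, FMT, cid);
    return len;
}

int main(void)
{
    static char page[PAGE_SZ];
    int stored = show_bounded(page, 200);   /* constructed count */
    printf("unchecked: %zu bytes needed, buffer holds %d\n", unchecked_len(200), PAGE_SZ);
    printf("bounded: %d bytes stored, strlen %zu\n", stored, strlen(page));
    return 0;
}
```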

Affected Version(s)

Linux e48354ce078c079996f89d715dfa44814b4eba01

Linux e48354ce078c079996f89d715dfa44814b4eba01 < 114b44dddea1f8f99576de3c0e6e9059012002fc

Linux e48354ce078c079996f89d715dfa44814b4eba01 < 2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6

Timeline

  • Vulnerability published

  • Vulnerability Reserved