You are here

V-169: Linux Kernel "iscsi_add_notunderstood_response()" Buffer Overflow Vulnerability

June 3, 2013 - 12:01am

Addthis

PROBLEM:

Linux Kernel "iscsi_add_notunderstood_response()" Buffer Overflow Vulnerability

PLATFORM:

Linux Kernel 3.0.x
Linux Kernel 3.2.x
Linux Kernel 3.4.x
Linux Kernel 3.9.x

ABSTRACT:

A vulnerability has been reported in Linux Kernel.

REFERENCE LINKS:

Secunia Advisory SA53670
Red Hat Bugzilla – Bug 968036
CVE-2013-2850 

IMPACT ASSESSMENT:

Medium

DISCUSSION:

The vulnerability is caused due to a boundary error within the "iscsi_add_notunderstood_response()" function (drivers/target/iscsi/iscsi_target_parameters.c) when parsing keys and can be exploited to cause a heap-based buffer overflow by sending overly long keys.

Successful exploitation requires that the iSCSI target is configured to listen on the network.

IMPACT:

A remote attacker could use this flaw to escalate their privileges on the system.

SOLUTION:

Fixed in the GIT repository.

Addthis