Related Vulnerabilities: CVE-2021-27363  

Severity Medium

Remote No

Type Information disclosure

Description

A security issue was found in the Linux kernel. The iSCSI initiator kernel subsystem exposes the transport handle via sysfs so that the iscsid daemon can access it, but the handle is visible to all users. Non-root users can use this knowledge to attack the iSCSI subsystem, particularly together with CVE-2021-27364, which allows non-root users to use the netlink socket to talk to the iSCSI kernel subsystem.

Group     Package         Affected             Severity  Status
AVG-1661  linux-lts       5.10.20-1            Medium    Vulnerable
AVG-1660  linux-hardened  5.10.19.hardened1-1  Medium    Vulnerable
AVG-1659  linux-zen       5.11.3.zen1-1        Medium    Vulnerable
AVG-1658  linux           5.11.3.arch4-1       Medium    Vulnerable

https://www.openwall.com/lists/oss-security/2021/03/06/1
https://bugzilla.suse.com/show_bug.cgi?id=1182716
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa