usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) prior to 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat open_iscsi |