Published: 07/06/2013 Updated: 07/11/2023

CVSS v2 Base Score: 7.9 | Impact Score: 10 | Exploitability Score: 5.5

VMScore: 704

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel up to and including 3.9.4 allows remote malicious users to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic Updated kernel-rt packages that fix several security issues and multiplebugs are now available for Red Hat Enterprise MRG 23The Red Hat Security Response Team has rated this update as havingimportant ...

Several security issues were fixed in the kernel ...

The system could be made to crash or run programs as an administrator if it received specially crafted network traffic ...

Several security issues were fixed in the kernel ...

The system could be made to crash or run programs as an administrator if it received specially crafted network traffic ...

Several security issues were fixed in the kernel ...

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parametersc in the iSCSI target subsystem in the Linux kernel through 394 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled ...

CWE-119 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00011.html http://www.openwall.com/lists/oss-security/2013/06/01/2 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cea4dcfdad926a27a18e188720efe0f2c9403456 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00017.html http://www.ubuntu.com/usn/USN-1844-1 http://www.ubuntu.com/usn/USN-1846-1 https://github.com/torvalds/linux/commit/cea4dcfdad926a27a18e188720efe0f2c9403456 https://bugzilla.redhat.com/show_bug.cgi?id=968036 http://www.ubuntu.com/usn/USN-1845-1 http://www.ubuntu.com/usn/USN-1847-1 http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00017.html https://access.redhat.com/errata/RHSA-2013:1264 https://nvd.nist.gov https://usn.ubuntu.com/1879-1/https://access.redhat.com/security/cve/cve-2013-2850

CVE-2013-2850

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect