In drivers/target/target_core_xcopy.c in the Linux kernel prior to 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote malicious users to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |