CVSSv3: 8.1

CVE-2021-3139

Published: 13/01/2021 Updated: 22/01/2021
CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 490
CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

Vulnerability Summary

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x up to and including 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote malicious users to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. NOTE: relative to CVE-2020-28374, this is a similar mistake in a different algorithm.

Vulnerable Product

tcmu-runner project tcmu-runner

Vendor Advisories

Debian Bug report logs - #980007
tcmu: CVE-2021-3139
Package: src:tcmu; Maintainer for src:tcmu is Freexian Packaging Team <team+freexian@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 12 Jan 2021 20:18:01 UTC
Severity: grave
Tags: security, upstream
Found in version tcmu/152 ...

Mailing Lists

Hi,

For tcmu-runner Mitre suggested that we use a different CVE as it's not the same codebase.

Please use CVE-2021-3139 for tcmu-runner.

Ciao, Marcus

On Tue, Jan 12, 2021 at 07:01:34PM +0100, David Disseldorp wrote:

--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi 31-33,+49-911-740 53-432,,serv=loki,mail=wotan,ty ...