An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
History
No history.
Information
Published : 2021-03-07 05:15
Updated : 2024-02-28 18:08
NVD link : CVE-2021-27365
Mitre link : CVE-2021-27365
CVE.ORG link : CVE-2021-27365
JSON object : View
Products Affected
debian
- debian_linux
oracle
- tekelec_platform_distribution
linux
- linux_kernel
netapp
- solidfire_baseboard_management_controller_firmware
- solidfire_baseboard_management_controller
CWE
CWE-787
Out-of-bounds Write