(RHSA-2011:0332) Important: scsi-target-utils security update

2011-03-0900:00:00

access.redhat.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.124 Low

EPSS

Percentile

94.8%

JSON

The scsi-target-utils package contains the daemon and tools to set up and
monitor SCSI targets. Currently, iSCSI software and iSER targets are
supported.

A double-free flaw was found in scsi-target-utils’ tgtd daemon. A remote
attacker could trigger this flaw by sending carefully-crafted network
traffic, causing the tgtd daemon to crash. (CVE-2011-0001)

Red Hat would like to thank Emmanuel Bouillon of NATO C3 Agency for
reporting this issue.

All scsi-target-utils users should upgrade to this updated package, which
contains a backported patch to correct this issue. All running
scsi-target-utils services must be restarted for the update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat6srcscsi-target-utils< 1.0.4-3.el6_0.1scsi-target-utils-1.0.4-3.el6_0.1.src.rpm
RedHat6ppc64scsi-target-utils-debuginfo< 1.0.4-3.el6_0.1scsi-target-utils-debuginfo-1.0.4-3.el6_0.1.ppc64.rpm
RedHat5i386scsi-target-utils< 1.0.8-0.el5_6.1scsi-target-utils-1.0.8-0.el5_6.1.i386.rpm
RedHat5x86_64scsi-target-utils< 1.0.8-0.el5_6.1scsi-target-utils-1.0.8-0.el5_6.1.x86_64.rpm
RedHat6x86_64scsi-target-utils< 1.0.4-3.el6_0.1scsi-target-utils-1.0.4-3.el6_0.1.x86_64.rpm
RedHat6x86_64scsi-target-utils-debuginfo< 1.0.4-3.el6_0.1scsi-target-utils-debuginfo-1.0.4-3.el6_0.1.x86_64.rpm
RedHat5ia64scsi-target-utils< 1.0.8-0.el5_6.1scsi-target-utils-1.0.8-0.el5_6.1.ia64.rpm
RedHat5ppcscsi-target-utils< 1.0.8-0.el5_6.1scsi-target-utils-1.0.8-0.el5_6.1.ppc.rpm
RedHat6i686scsi-target-utils-debuginfo< 1.0.4-3.el6_0.1scsi-target-utils-debuginfo-1.0.4-3.el6_0.1.i686.rpm
RedHat6i686scsi-target-utils< 1.0.4-3.el6_0.1scsi-target-utils-1.0.4-3.el6_0.1.i686.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	src	scsi-target-utils	< 1.0.4-3.el6_0.1	scsi-target-utils-1.0.4-3.el6_0.1.src.rpm
RedHat	6	ppc64	scsi-target-utils-debuginfo	< 1.0.4-3.el6_0.1	scsi-target-utils-debuginfo-1.0.4-3.el6_0.1.ppc64.rpm
RedHat	5	i386	scsi-target-utils	< 1.0.8-0.el5_6.1	scsi-target-utils-1.0.8-0.el5_6.1.i386.rpm
RedHat	5	x86_64	scsi-target-utils	< 1.0.8-0.el5_6.1	scsi-target-utils-1.0.8-0.el5_6.1.x86_64.rpm
RedHat	6	x86_64	scsi-target-utils	< 1.0.4-3.el6_0.1	scsi-target-utils-1.0.4-3.el6_0.1.x86_64.rpm
RedHat	6	x86_64	scsi-target-utils-debuginfo	< 1.0.4-3.el6_0.1	scsi-target-utils-debuginfo-1.0.4-3.el6_0.1.x86_64.rpm
RedHat	5	ia64	scsi-target-utils	< 1.0.8-0.el5_6.1	scsi-target-utils-1.0.8-0.el5_6.1.ia64.rpm
RedHat	5	ppc	scsi-target-utils	< 1.0.8-0.el5_6.1	scsi-target-utils-1.0.8-0.el5_6.1.ppc.rpm
RedHat	6	i686	scsi-target-utils-debuginfo	< 1.0.4-3.el6_0.1	scsi-target-utils-debuginfo-1.0.4-3.el6_0.1.i686.rpm
RedHat	6	i686	scsi-target-utils	< 1.0.4-3.el6_0.1	scsi-target-utils-1.0.4-3.el6_0.1.i686.rpm