kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

A use-after-free flaw was found in the Linux kernel's iSCSI target subsystem. In the iscsitdecconnusagecount function, complete is called while still holding the conn-connusagelock spinlock. The waiting thread such as iscsitcloseconnection may wake up immediately and free the iscsitconn structure...

EUVD-2023-25866

Malicious code in bioql PyPI...

OESA-2023-1652 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark...

CVE-2023-29367

iSCSI Target WMI Provider Remote Code Execution Vulnerability...

The vulnerability of the Internet Storage Name Service (iSNS) for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Internet Storage Name Service iSNS on Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVE-2023-21699

Windows Internet Storage Name Service iSNS Server Information Disclosure Vulnerability...

CVE-2023-21697

Windows Internet Storage Name Service iSNS Server Information Disclosure Vulnerability...

CVE-2023-21697

Windows Internet Storage Name Service iSNS Server Information Disclosure Vulnerability...

Information disclosure

Windows Internet Storage Name Service iSNS Server Information Disclosure Vulnerability...

Microsoft Internet Storage Name Service 安全漏洞

Microsoft Internet Storage Name Service is used by Microsoft Corporation USA for the interaction between iSNS servers and iSNS clients. A security vulnerability exists in Microsoft Internet Storage Name Service. The following products and editions are affected: Windows 10 Version 20H2 for x64-bas...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to system data...

PT-2021-6215 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to incorrect code generation management in the Internet Storage Name Service iSNS of Microsoft Windows. It allows a remote attacker to execute arbitrary code...

AZL-38836 CVE-2021-28361 affecting package ceph for versions less than 18.2.2-1

An issue was discovered in Storage Performance Development Kit SPDK before 20.01.01. If a PDU is sent to the iSCSI target with a zero length but data is expected, the iSCSI target can crash with a NULL pointer dereference...

The vulnerability of the iSCSI protocol emulator hardware support provided by QEMU, which allows a hacker to execute arbitrary code or cause a system failure.

The vulnerability of the iSCSI protocol emulation software developed by QEMU is related to buffer overflow attacks. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or trigger a denial-of-service attack...

Denial Of Service (DoS)

The scsi-target-utils package is vulnerable to Denial Of Service DoS. Due to buffer overflow flaws found in scsi-target-utils' tgtd daemon,a remote attacker could trigger these flaws by sending a carefully-crafted Internet Storage Name Service iSNS request, causing the tgtd daemon to crash...

The vulnerability of the NVIDIA-GFX Kernel driver for the Solaris operating system allows a perpetrator to gain unauthorized access to protected data or cause service failures.

The vulnerability of the NVIDIA-GFX Kernel driver for the Solaris operating system is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected data and cause service failures using ISCSI...

Vulnerability of the Windows operating system, allowing attackers to send malicious requests

The vulnerability of the iSNS Server service in the Windows operating system is caused by a numerical overflow condition. Exploiting this vulnerability allows a malicious actor to send malicious requests remotely...

RHEL 5 : scsi-target-utils (RHSA-2010:0362)

An updated scsi-target-utils package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

scsi security update

CentOS Errata and Security Advisory CESA-2010:0518 An updated scsi-target-utils package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring...

scsi security update

CentOS Errata and Security Advisory CESA-2010:0362 An updated scsi-target-utils package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring Syste...