2 matches found
SUSE-SU-2026:0247-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. - CVE-2025-40204: sctp: Fix MAC comparison to be constant-tim...
CVE-2023-53676
The CVE-2023-53676 vulnerability affects the Linux kernel’s iSCSI target (lio_target_nacl_info_show) where printf-style buffer handling in a loop could overflow a configfs buffer. Root cause: sprintf() used without bounds checking for each iSCSI connection, enabling memory corruption with many co...