66 matches found
UVI-2021-1001169 scsi: target: Fix NULL dereference on XCOPY completion
scsi: target: Fix NULL dereference on XCOPY completion This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.6 by commit...
The vulnerability in the drivers/target/target_core_xcopy.c file of the Linux operating system allows an attacker to gain access to read, modify, add, or delete data.
The vulnerability of the drivers/target/targetcorexcopy.c in the Linux operating system is related to incorrect pathname restrictions for directories with restricted access. Exploiting this vulnerability allows an attacker, acting remotely, to gain access to read, modify, add, or delete data usin...
Directory Traversal
tcmu-runner is vulnerable to directory traversal. A remote attacker is able to read or write files to an arbitrary location on the file system in an XCOPY request...
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerability (USN-4753-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4753-1 advisory. It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker wi...
OESA-2021-1087 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY reques...
USN-4753-1: Linux kernel (OEM) vulnerability
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
USN-4713-2 linux, linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-raspi2-5.3 vulnerability
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
USN-4713-2: Linux kernel vulnerability
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
USN-4711-1: Linux kernel vulnerabilities
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
USN-4711-1 linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
Fedora 33 : tcmu-runner (2021-4a91649cf3)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-4a91649cf3 advisory. - In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote...
USN-4709-1: Linux kernel vulnerabilities
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
USN-4713-1 linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerability
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
USN-4713-1: Linux kernel vulnerability
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data...
Ubuntu: Security Advisory (USN-4709-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4713-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4707-1: TCMU vulnerability
It was discovered that TCMU lacked a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4711-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4711-1 advisory. It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY...
Ubuntu 20.04 LTS : TCMU vulnerability (USN-4707-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4707-1 advisory. It was discovered that TCMU lacked a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerability (USN-4713-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4713-1 advisory. It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An...