Signature Detail
Short Name |
MISC:LINUX-KERNEL-ISCSI-BO |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
MISC |
Keywords |
Linux Kernel iscsi_add_notunderstood_response Heap Buffer Overflow |
Release Date |
2013/07/17 |
Update Number |
2282 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
MISC: Linux Kernel iscsi_add_notunderstood_response Heap Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the iscsi_target driver of Linux kernel. A successful attack can lead to a buffer overflow and arbitrary remote code execution with kernel privileges. An unsuccessful attack will cause the kernel to crash resulting in a denial-of-service condition.
Extended Description
Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.
Affected Products
- linux linux_kernel 3.9.0
- linux linux_kernel 3.9.1
- linux linux_kernel 3.9.2
- linux linux_kernel 3.9.3
- linux linux_kernel 3.9 (rc1)
- linux linux_kernel 3.9 (rc2)
- linux linux_kernel 3.9 (rc3)
- linux linux_kernel 3.9 (rc4)
- linux linux_kernel 3.9 (rc5)
- linux linux_kernel 3.9 (rc6)
- linux linux_kernel 3.9 (rc7)
- linux linux_kernel up to 3.9.4
References
- CVE: CVE-2013-2850