An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Information
Published : 2021-03-06 21:15
Updated : 2021-12-10 10:13
NVD link : CVE-2021-27365
Mitre link : CVE-2021-27365
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
netapp
- solidfire_baseboard_management_controller_firmware
- solidfire_baseboard_management_controller
oracle
- tekelec_platform_distribution
linux
- linux_kernel
debian
- debian_linux