CVE-2023-53676
HIGH EPSS 5.1%
Published Oct 7, 2025 (8mo ago) · Modified Jun 17, 2026 (2w ago)
7.8 CVSS 3.1
Description
In the Linux kernel, the following vulnerability has been resolved:

scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()

The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory.

This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundaries.
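The bug class and the fix pattern described above, as an added userspace sketch that is not the kernel's code: `emit_at()` is a stand-in modelling the bounds check that `sysfs_emit_at()` performs, and the 4096-byte page size, the per-connection format string and the function names are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>

#define PAGE_SZ 4096  /* assumed size of the single page a show() handler gets */

/* Userspace stand-in for sysfs_emit_at(): never writes past buf + PAGE_SZ
 * and returns the number of bytes actually stored (NUL excluded). */
static int emit_at(char *buf, int at, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (at < 0 || at >= PAGE_SZ)
        return 0;
    va_start(ap, fmt);
    n = vsnprintf(buf + at, PAGE_SZ - at, fmt, ap);
    va_end(ap);
    if (n < 0)
        return 0;
    return n >= PAGE_SZ - at ? PAGE_SZ - at - 1 : n;
}

/* Bytes an unchecked sprintf() loop would produce for nconn connections.
 * Measured with snprintf(NULL, 0, ...) so nothing is really overflowed. */
static long unbounded_len(int nconn)
{
    long rb = 0;
    for (int cid = 0; cid < nconn; cid++)
        rb += snprintf(NULL, 0, "Connection: CID %d State: LOGGED_IN\n", cid);
    return rb;
}

/* Fixed pattern: the same loop, with every write clamped to the page. */
static int bounded_show(char *page, int nconn)
{
    int rb = 0;
    for (int cid = 0; cid < nconn; cid++)
        rb += emit_at(page, rb, "Connection: CID %d State: LOGGED_IN\n", cid);
    return rb;
}

int main(void)
{
    static char page[PAGE_SZ];
    printf("unbounded: %ld bytes, bounded: %d bytes (page is %d)\n",
           unbounded_len(500), bounded_show(page, 500), PAGE_SZ);
    return 0;
}
```

With the bounded helper the output is silently truncated at the page boundary rather than written past it, so callers see at most `PAGE_SZ - 1` bytes regardless of the connection count.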
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
5.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-787 Out-of-bounds Write Memory Safety
Affected Products 7
References 8
- git.kernel.org https://git.kernel.org/stable/c/0cac6cbb9908309352a5d30c1876882771d3da50
- git.kernel.org https://git.kernel.org/stable/c/114b44dddea1f8f99576de3c0e6e9059012002fc
- git.kernel.org https://git.kernel.org/stable/c/2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6
- git.kernel.org https://git.kernel.org/stable/c/4738bf8b2d3635c2944b81b2a84d97b8c8b0978d
- git.kernel.org https://git.kernel.org/stable/c/5353df78c22623b42a71d51226d228a8413097e2
- git.kernel.org https://git.kernel.org/stable/c/801f287c93ff95582b0a2d2163f12870a2f076d4
- git.kernel.org https://git.kernel.org/stable/c/bbe3ff47bf09db8956bc2eeb49d2d514d256ad2a
- git.kernel.org https://git.kernel.org/stable/c/df349e84c2cb0dd05d98c8e1189c26ab4b116083
Remediation
- The same eight git.kernel.org stable commits listed under References.