CVE-2021-27365
kernel: heap buffer overflow in the iSCSI subsystem
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.
Se detectó un problema en el kernel de Linux versiones hasta 5.11.3. Determinadas estructuras de datos iSCSI no tienen restricciones de longitud o comprobaciones apropiadas y pueden exceder el valor PAGE_SIZE. Un usuario sin privilegios puede enviar un mensaje de Netlink que está asociado con iSCSI y tiene una longitud de hasta la longitud máxima de un mensaje de Netlink
A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-02-17 CVE Reserved
- 2021-03-07 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html | Third Party Advisory |
|
| https://bugzilla.suse.com/show_bug.cgi?id=1182715 | Issue Tracking | |
| https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html | Mailing List |
|
| https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20210409-0001 | Third Party Advisory |
|
| https://www.openwall.com/lists/oss-security/2021/03/06/1 | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html | 2024-08-03 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2021-27365 | 2021-05-11 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1930078 | 2021-05-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netapp Search vendor "Netapp" | Solidfire Baseboard Management Controller Firmware Search vendor "Netapp" for product "Solidfire Baseboard Management Controller Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | Solidfire Baseboard Management Controller Search vendor "Netapp" for product "Solidfire Baseboard Management Controller" | - | - |
Safe
|
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 5.11.3 Search vendor "Linux" for product "Linux Kernel" and version " <= 5.11.3" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Tekelec Platform Distribution Search vendor "Oracle" for product "Tekelec Platform Distribution" | >= 7.4.0 <= 7.7.1 Search vendor "Oracle" for product "Tekelec Platform Distribution" and version " >= 7.4.0 <= 7.7.1" | - |
Affected
| ||||||