ALAS2LIVEPATCH-2021-043 --- kernel-livepatch-4.14.219-161.340ID: oval:org.secpod.oval:def:1700591 | Date: (C)2021-04-12 (M)2024-04-17 |
Class: PATCH | Family: unix |
A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system. A flaw was found in the Linux kernel. An out-of-bounds read was discovered in the libiscsi module that could lead to reading kernel memory or a crash. The highest threat from this vulnerability is to data confidentiality as well as system availability. A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability
Product: |
kernel-livepatch-4.14.219-161.340 |