VDB

CVE-2013-2850

CVE-2013-2850 REJECTED

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet. A reproduction case requires patching open-iscsi to send overly large keys. Performing discovery in a loop will Oops the remote server. Attached is a proposed fix, and the patch I used in open-iscsi to trigger it. Thanks in advance for your cooperation in coordinating a fix for this issue,

EPSS 15.11% · 94.7th percentile

Risk Scores

EPSS Score
15.11%
94.7th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSlinux0
Ubuntu:14.04:LTSlinux0
Ubuntu:14.04:LTSlinux-lts-wily0
Ubuntu:16.04:LTSlinux-mako3.4.0-7.39, 0
Ubuntu:16.04:LTSlinux-goldfish0, 3.4.0-4.24, 3.4.0-4.26
Ubuntu:16.04:LTSlinux-aws0
Ubuntu:16.04:LTSlinux-hwe0
Ubuntu:14.04:LTSlinux-lts-utopic0
Ubuntu:16.04:LTSlinux-snapdragon0
Ubuntu:14.04:LTSlinux-lts-vivid0
Ubuntu:14.04:LTSlinux-aws0
Ubuntu:14.04:LTSlinux-lts-xenial0
Ubuntu:16.04:LTSlinux-raspi20
Ubuntu:16.04:LTSlinux-flo0, 3.4.0-5.19
Ubuntu:16.04:LTSlinux-gke0

Exploit Intelligence

…and 82 more exploits

Timeline

  • Jun 11, 2013 PoC Published
  • May 31, 2014 PoC Published
  • Dec 3, 2017 PoC Published
  • Feb 4, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • Jun 6, 2023 EPSS Score
  • Jun 14, 2023 PoC Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›