Vulnerabilities

CVE-2021-27365

by Fred · 06/03/2021

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.

Date published : 2021-03-06

https://security.netapp.com/advisory/ntap-20210409-0001/

http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html

Similar

Tags: Cybersecurity Alert