PT-2025-41120 · Linux · Linux Kernel

Publicado

2023-07-31

·

Atualizado

2026-02-19

·

CVE-2023-53676

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The lio target nacl info show() function within the iSCSI target component does not properly validate buffer lengths when using sprintf() in a loop to display details for each iSCSI connection. A large number of iSCSI connections can lead to a buffer overflow, potentially corrupting memory. The issue occurs because the function uses sprintf() without checking the buffer size, allowing data to be written beyond the allocated memory region.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-120

Identificadores relacionados

BDU:2026-01529
CVE-2023-53676
OESA-2025-2534
OESA-2025-2659
SUSE-SU-2025:4393-1
SUSE-SU-2025:4422-1
SUSE-SU-2025:4505-1
SUSE-SU-2025:4506-1
SUSE-SU-2025:4507-1
SUSE-SU-2025:4515-1
SUSE-SU-2025:4516-1
SUSE-SU-2025:4517-1
SUSE-SU-2025:4521-1
SUSE-SU-2025:4530-1
SUSE-SU-2026:0029-1
SUSE-SU-2026:0032-1
SUSE-SU-2026:0033-1
SUSE-SU-2026:0034-1
SUSE-SU-2026:0144-1
SUSE-SU-2026:0145-1
SUSE-SU-2026:0146-1
SUSE-SU-2026:0147-1
SUSE-SU-2026:0148-1
SUSE-SU-2026:0154-1
SUSE-SU-2026:0155-1
SUSE-SU-2026:0163-1
SUSE-SU-2026:0166-1
SUSE-SU-2026:0168-1
SUSE-SU-2026:0169-1
SUSE-SU-2026:0171-1
SUSE-SU-2026:0173-1
SUSE-SU-2026:0174-1
SUSE-SU-2026:0176-1
SUSE-SU-2026:0180-1
SUSE-SU-2026:0184-1
SUSE-SU-2026:0185-1
SUSE-SU-2026:0186-1
SUSE-SU-2026:0187-1
SUSE-SU-2026:0188-1
SUSE-SU-2026:0191-1
SUSE-SU-2026:0200-1
SUSE-SU-2026:0202-1
SUSE-SU-2026:0203-1
SUSE-SU-2026:0204-1
SUSE-SU-2026:0206-1
SUSE-SU-2026:0209-1
SUSE-SU-2026:0246-1
SUSE-SU-2026:0247-1
SUSE-SU-2026:0262-1
SUSE-SU-2026:0269-1
SUSE-SU-2026:0270-1
SUSE-SU-2026:0274-1
SUSE-SU-2026:0283-1
SUSE-SU-2026:0284-1
SUSE-SU-2026:20039-1
SUSE-SU-2026:20059-1
SUSE-SU-2026:20248-1
SUSE-SU-2026:20249-1
SUSE-SU-2026:20250-1
SUSE-SU-2026:20251-1
SUSE-SU-2026:20252-1
SUSE-SU-2026:20253-1
SUSE-SU-2026:20254-1
SUSE-SU-2026:20255-1
SUSE-SU-2026:20256-1
SUSE-SU-2026:20257-1
SUSE-SU-2026:20258-1
SUSE-SU-2026:20259-1
SUSE-SU-2026:20260-1
SUSE-SU-2026:20261-1
SUSE-SU-2026:20262-1
SUSE-SU-2026:20263-1
SUSE-SU-2026:20264-1
SUSE-SU-2026:20265-1
SUSE-SU-2026:20266-1
SUSE-SU-2026:20376-1
SUSE-SU-2026:20377-1
SUSE-SU-2026:20378-1
SUSE-SU-2026:20379-1
SUSE-SU-2026:20380-1
SUSE-SU-2026:20381-1
SUSE-SU-2026:20382-1
SUSE-SU-2026:20383-1
SUSE-SU-2026:20384-1
SUSE-SU-2026:20385-1
SUSE-SU-2026:20392-1
SUSE-SU-2026:20393-1
SUSE-SU-2026:20394-1
SUSE-SU-2026:20395-1
SUSE-SU-2026:20396-1
SUSE-SU-2026:20397-1
SUSE-SU-2026:20398-1
SUSE-SU-2026:20399-1
SUSE-SU-2026:20400-1
SUSE-SU-2026:20473-1
SUSE-SU-2026:20496-1

Produtos afetados

Linux Kernel