oss-sec mailing list archives
Re: CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload
From: David Disseldorp <ddiss () suse de>
Date: Wed, 13 Jan 2021 10:41:30 +0100
[replying via parent, as I'm not on this list] Hi John,
On Tue, 12 Jan 2021 19:01:34 +0100, David Disseldorp wrote:=============================================================================== == Subject: Linux SCSI target (LIO) unrestricted copy offload == == == CVE ID#: CVE-2020-28374 == == Versions: Linux: v3.12 and later == tcmu-runner: v1.3.0 and later == == Summary: An attacker with access to a LUN and knowledge of Unit Serial == Number assignments can read and write to any LIO backstore, == regardless of SCSI transport settings. ===============================================================================
David -- did you mean to attach the patches you posted to linux-distros?
No, the kernel patches have gone out via the regular mainline and stable repositories. The tcmu-runner fix is queued at https://github.com/open-iscsi/tcmu-runner/pull/644 Cheers, David
Current thread:
- CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload David Disseldorp (Jan 12)
- Re: CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload John Haxby (Jan 12)
- Re: CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload David Disseldorp (Jan 13)
- Re: CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload Marcus Meissner (Jan 13)