CVE-2023-53676
Published: Oct 7, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory. This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundries.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e48354ce078c079996f89d715dfa44814b4eba01 - < df349e84c2cb0dd05d98c8e1189c26ab4b116083affected e48354ce078c079996f89d715dfa44814b4eba01 - < 114b44dddea1f8f99576de3c0e6e9059012002fcaffected e48354ce078c079996f89d715dfa44814b4eba01 - < 2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6affected e48354ce078c079996f89d715dfa44814b4eba01 - < bbe3ff47bf09db8956bc2eeb49d2d514d256ad2aaffected e48354ce078c079996f89d715dfa44814b4eba01 - < 5353df78c22623b42a71d51226d228a8413097e2+3 more versions |
Linux | Linux | affected 3.1unaffected 0 - < 3.1unaffected 4.14.326 - <= 4.14.*unaffected 4.19.295 - <= 4.19.*unaffected 5.4.257 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now