1. Home
  2. Vulnerabilities
  3. CVE-2013-2850

CVE-2013-2850

CVSS v2.0 7.9 (High)
79% Progress
EPSS 3.33 % (92th)
3.33% Progress
Affected Products 1
Advisories 27
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.

Weaknesses
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE Status
PUBLISHED
CNA
Chrome
Published Date
2013-06-07 14:03:19
(11 years ago)
Updated Date
2023-11-07 02:15:13
(10 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 3.1 version and prior 3.2.47 version cpe:2.3:o:linux:linux_kernel >= 3.1 < 3.2.47
  Linux Kernel from 3.3 version and prior 3.4.48 version cpe:2.3:o:linux:linux_kernel >= 3.3 < 3.4.48
  Linux Kernel from 3.5 version and prior 3.9.5 version cpe:2.3:o:linux:linux_kernel >= 3.5 < 3.9.5