Bug 471892 (CVE-2013-2850) - Kernel : "iscsi_add_notunderstood_response()" Buffer Overflow Vulnerability (CVE-2013-2850)
Alias: CVE-2013-2850
Product: Gentoo Security
Classification: Unclassified
Component: Kernel
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Kernel Security
Reported: 2013-05-31 10:07 UTC by Agostino Sarubbo
Modified: 2021-10-25 00:53 UTC

Description Agostino Sarubbo gentoo-dev 2013-05-31 10:07:12 UTC
From ${URL} :

A vulnerability has been reported in Linux Kernel, which can be 
exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the 
"iscsi_add_notunderstood_response()" function 
(drivers/target/iscsi/iscsi_target_parameters.c) when parsing keys and 
can be exploited to cause a heap-based buffer overflow by sending overly 
long keys.

Successful exploitation requires that the iSCSI target is configured to 
listen on the network.

Fixed in the GIT repository.
Further details available to Secunia VIM customers

Provided and/or discovered by
The vendor credits Kees Cook.

Original Advisory
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-08-30 01:43:40 UTC
CVE-2013-2850 (
  Heap-based buffer overflow in the iscsi_add_notunderstood_response function
  in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target
  subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause
  a denial of service (memory corruption and OOPS) or possibly execute
  arbitrary code via a long key that is not properly handled during
  construction of an error-response packet.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-10-25 00:53:47 UTC
In 3.10 onwards
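
Added illustration of the bug class named in the description and in Comment 1 (not kernel code and not part of this bug report): a user-space C sketch that builds a "NotUnderstood" error-response entry for an unrecognized key and bounds every copy by the destination buffer. `struct extra_response`, `add_notunderstood`, `handle_item`, the 63-byte `KEY_MAXLEN` and the sample key list are assumptions made for this sketch.

```c
#include <stdio.h>
#include <string.h>

#define KEY_MAXLEN 63                     /* assumed limit for this sketch */
#define NOTUNDERSTOOD "NotUnderstood"

struct extra_response {                   /* hypothetical error-response entry */
    char key[KEY_MAXLEN + 1];
    char value[sizeof(NOTUNDERSTOOD)];
};

/* Record "<key>=NotUnderstood"; 0 on success, -1 if the key does not fit.
 * The unsafe pattern sizes the copy from the peer's key (strlen(key) + 1). */
int add_notunderstood(struct extra_response *er, const char *key)
{
    size_t len = 0;
    while (len <= KEY_MAXLEN && key[len] != '\0')
        len++;
    if (len > KEY_MAXLEN)
        return -1;                        /* reject; never truncate silently */
    memcpy(er->key, key, len);
    er->key[len] = '\0';
    memcpy(er->value, NOTUNDERSTOOD, sizeof(NOTUNDERSTOOD));
    return 0;
}

/* Handle one "key=value" text item. Returns 1 if a NotUnderstood entry was
 * written, 0 if the key is known, -1 if the item is malformed or too long. */
int handle_item(const char *item, struct extra_response *er)
{
    static const char *const known[] = { "AuthMethod", "HeaderDigest", "DataDigest" };
    const char *eq = strchr(item, '=');
    size_t klen = eq ? (size_t)(eq - item) : 0;
    char key[KEY_MAXLEN + 1];
    if (klen == 0 || klen > KEY_MAXLEN)
        return -1;                        /* length checked before any copy */
    for (size_t i = 0; i < sizeof(known) / sizeof(known[0]); i++)
        if (strlen(known[i]) == klen && memcmp(known[i], item, klen) == 0)
            return 0;
    memcpy(key, item, klen);
    key[klen] = '\0';
    return add_notunderstood(er, key) == 0 ? 1 : -1;
}

int main(void)
{
    struct extra_response er;
    printf("%d\n", handle_item("X-vendor.option=1", &er)); /* constructed input */
    return 0;
}
```

The length is enforced twice on purpose: once where the key is split from the peer's text, and again in the function that owns the fixed-size buffer, so the copy stays safe even if a new caller skips the first check.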