Описание
ELSA-2020-1933: targetcli security update (IMPORTANT)
[2.1.51-4]
- Increase the release version
[2.1.51-3]
- targetclid.sock allows unprivileged user to execute commands
[2.1.51-2]
- Create the target/pr directory when installing the package
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
targetcli
2.1.51-4.el8_2
Oracle Linux x86_64
targetcli
2.1.51-4.el8_2
Связанные CVE
Связанные уязвимости
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 ...
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.