Описание
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| devel | not-affected | 1:2.1.53-1ubuntu1 |
| eoan | ignored | end of life |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | released | 1:2.1.51-0ubuntu1+esm1 |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needed |
| groovy | not-affected | 1:2.1.53-1ubuntu1 |
| hirsute | not-affected | 1:2.1.53-1ubuntu1 |
| impish | not-affected | 1:2.1.53-1ubuntu1 |
Показывать по
EPSS
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 ...
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
EPSS
7.2 High
CVSS2
7.8 High
CVSS3