CVE-2021-3139
Summary
| CVE | CVE-2021-3139 |
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-01-13 16:15:00 UTC |
| Updated | 2021-01-22 18:25:00 UTC |
| Description | In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. NOTE: relative to CVE-2020-28374, this is a similar mistake in a different algorithm. |
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| oss-security - CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload | MISC | www.openwall.com | Mailing List, Third Party Advisory |
| oss-security - Re: CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload | MLIST | www.openwall.com | Mailing List, Mitigation, Third Party Advisory |
| bugzilla.suse.com/attachment.cgi | MISC | bugzilla.suse.com | Issue Tracking, Third Party Advisory |
| Bug 1178372 – VUL-0: CVE-2020-28374: kernel-source: LIO security issue | MISC | bugzilla.suse.com | Issue Tracking, Third Party Advisory |
| tcmur: fail cross-device XCOPY requests by ddiss · Pull Request #644 · open-iscsi/tcmu-runner · GitHub | CONFIRM | github.com | Patch, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 180387 Debian Security Update for tcmu (CVE-2021-3139)
- 239270 Red Hat Update for Red Hat Ceph Storage (RHSA-2021:1452)
- 750408 OpenSUSE Security Update for tcmu-runner (openSUSE-SU-2021:0128-1)
- 750415 OpenSUSE Security Update for tcmu-runner (openSUSE-SU-2021:0097-1)