Novell Home

CVE-2013-2850

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-2850 at MITRE

Description

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.

NVD CVSS v2 Base Score: 7.9 (AV:A/AC:M/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Note from the SUSE Security Team

This vulnerability affects only SUSE Linux Enterprise 11 SP2 products. Older products (SUSE Linux Enterprise 11 SP1 or SUSE Linux Enterprise 10) do not have the affected code.
The vulnerability requires a iscistarget service on the machine to be running (with iscsi_target_mod.ko kernel module loaded).

Novell Bugzilla entry: 821560

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.10-0.14.54
  • kernel-default-extra >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7769
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-pae >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-xen >= 0_3.0.74_0.6.10-0.14.54
  • kernel-default-extra >= 3.0.74-0.6.10.1
  • kernel-pae-extra >= 3.0.74-0.6.10.1
  • kernel-xen-extra >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7768
SLE 11 SP2 DEBUGINFO
  • kernel-default-debuginfo >= 3.0.74-0.6.10.1
  • kernel-default-debugsource >= 3.0.74-0.6.10.1
  • kernel-ppc64-debuginfo >= 3.0.74-0.6.10.1
  • kernel-ppc64-debugsource >= 3.0.74-0.6.10.1
  • kernel-trace-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debugsource >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7765
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-ppc64 >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.10-2.18.41
  • gfs2-kmp-default >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-ppc64 >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-trace >= 2_3.0.74_0.6.10-0.7.73
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-ppc64 >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.10-0.11.40
Builds
SAT Patch Nr: 7765
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-ppc64 >= 3.0.74-0.6.10.1
  • kernel-ppc64-base >= 3.0.74-0.6.10.1
  • kernel-ppc64-devel >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7765
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-ppc64 >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.10-0.14.54
  • kernel-default-extra >= 3.0.74-0.6.10.1
  • kernel-ppc64-extra >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7770
SUSE Linux Enterprise Real Time 11 SP2
  • cluster-network-kmp-rt >= 1.4_3.0.74_rt98_0.6.6-2.18.42
  • cluster-network-kmp-rt_trace >= 1.4_3.0.74_rt98_0.6.6-2.18.42
  • drbd-kmp-rt >= 8.4.2_3.0.74_rt98_0.6.6-0.6.6.33
  • drbd-kmp-rt_trace >= 8.4.2_3.0.74_rt98_0.6.6-0.6.6.33
  • iscsitarget-kmp-rt >= 1.4.20_3.0.74_rt98_0.6.6-0.23.39
  • iscsitarget-kmp-rt_trace >= 1.4.20_3.0.74_rt98_0.6.6-0.23.39
  • kernel-rt >= 3.0.74.rt98-0.6.6.1
  • kernel-rt-base >= 3.0.74.rt98-0.6.6.1
  • kernel-rt-devel >= 3.0.74.rt98-0.6.6.1
  • kernel-rt_trace >= 3.0.74.rt98-0.6.6.1
  • kernel-rt_trace-base >= 3.0.74.rt98-0.6.6.1
  • kernel-rt_trace-devel >= 3.0.74.rt98-0.6.6.1
  • kernel-source-rt >= 3.0.74.rt98-0.6.6.1
  • kernel-syms-rt >= 3.0.74.rt98-0.6.6.1
  • lttng-modules-kmp-rt >= 2.0.4_3.0.74_rt98_0.6.6-0.7.33
  • lttng-modules-kmp-rt_trace >= 2.0.4_3.0.74_rt98_0.6.6-0.7.33
  • ocfs2-kmp-rt >= 1.6_3.0.74_rt98_0.6.6-0.11.41
  • ocfs2-kmp-rt_trace >= 1.6_3.0.74_rt98_0.6.6-0.11.41
  • ofed-kmp-rt >= 1.5.2_3.0.74_rt98_0.6.6-0.28.28.13
  • ofed-kmp-rt_trace >= 1.5.2_3.0.74_rt98_0.6.6-0.28.28.13
Builds
SAT Patch Nr: 7774
SLE 11 SP2 DEBUGINFO
  • kernel-default-debuginfo >= 3.0.74-0.6.10.1
  • kernel-default-debugsource >= 3.0.74-0.6.10.1
  • kernel-default-devel-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debugsource >= 3.0.74-0.6.10.1
  • kernel-trace-devel-debuginfo >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7766
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.10-2.18.41
  • gfs2-kmp-default >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-trace >= 2_3.0.74_0.6.10-0.7.73
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.10-0.11.40
Builds
SAT Patch Nr: 7766
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-default-man >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7766
SLE 11 SP3 DEBUGINFO
  • kernel-rt-debuginfo >= 3.0.93.rt117-0.9.1
  • kernel-rt-debugsource >= 3.0.93.rt117-0.9.1
  • kernel-rt_trace-debuginfo >= 3.0.93.rt117-0.9.1
  • kernel-rt_trace-debugsource >= 3.0.93.rt117-0.9.1
Builds
SAT Patch Nr: 8410
SUSE Linux Enterprise Real Time Extension 11 SP3
  • cluster-network-kmp-rt >= 1.4_3.0.93_rt117_0.9-2.27.16
  • cluster-network-kmp-rt_trace >= 1.4_3.0.93_rt117_0.9-2.27.16
  • drbd-kmp-rt >= 8.4.3_3.0.93_rt117_0.9-0.19.7
  • drbd-kmp-rt_trace >= 8.4.3_3.0.93_rt117_0.9-0.19.7
  • iscsitarget-kmp-rt >= 1.4.20_3.0.93_rt117_0.9-0.38.1
  • iscsitarget-kmp-rt_trace >= 1.4.20_3.0.93_rt117_0.9-0.38.1
  • kernel-rt >= 3.0.93.rt117-0.9.1
  • kernel-rt-base >= 3.0.93.rt117-0.9.1
  • kernel-rt-devel >= 3.0.93.rt117-0.9.1
  • kernel-rt_trace >= 3.0.93.rt117-0.9.1
  • kernel-rt_trace-base >= 3.0.93.rt117-0.9.1
  • kernel-rt_trace-devel >= 3.0.93.rt117-0.9.1
  • kernel-source-rt >= 3.0.93.rt117-0.9.1
  • kernel-syms-rt >= 3.0.93.rt117-0.9.1
  • lttng-modules-kmp-rt >= 2.1.1_3.0.93_rt117_0.9-0.11.6
  • lttng-modules-kmp-rt_trace >= 2.1.1_3.0.93_rt117_0.9-0.11.6
  • ocfs2-kmp-rt >= 1.6_3.0.93_rt117_0.9-0.20.16
  • ocfs2-kmp-rt_trace >= 1.6_3.0.93_rt117_0.9-0.20.16
  • ofed-kmp-rt >= 1.5.4.1_3.0.93_rt117_0.9-0.13.7
  • ofed-kmp-rt_trace >= 1.5.4.1_3.0.93_rt117_0.9-0.13.7
Builds
SAT Patch Nr: 8410
SLE 11 SP2 DEBUGINFO
  • kernel-default-debuginfo >= 3.0.74-0.6.10.1
  • kernel-default-debugsource >= 3.0.74-0.6.10.1
  • kernel-default-devel-debuginfo >= 3.0.74-0.6.10.1
  • kernel-ec2-debuginfo >= 3.0.74-0.6.10.1
  • kernel-ec2-debugsource >= 3.0.74-0.6.10.1
  • kernel-trace-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debugsource >= 3.0.74-0.6.10.1
  • kernel-trace-devel-debuginfo >= 3.0.74-0.6.10.1
  • kernel-xen-debuginfo >= 3.0.74-0.6.10.1
  • kernel-xen-debugsource >= 3.0.74-0.6.10.1
  • kernel-xen-devel-debuginfo >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7767
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-xen >= 1.4_3.0.74_0.6.10-2.18.41
  • gfs2-kmp-default >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-trace >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-xen >= 2_3.0.74_0.6.10-0.7.73
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-xen >= 1.6_3.0.74_0.6.10-0.11.40
Builds
SAT Patch Nr: 7767
SUSE Linux Enterprise Desktop 11 SP2
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-default-extra >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
  • kernel-trace-extra >= 3.0.74-0.6.10.1
  • kernel-xen >= 3.0.74-0.6.10.1
  • kernel-xen-base >= 3.0.74-0.6.10.1
  • kernel-xen-devel >= 3.0.74-0.6.10.1
  • kernel-xen-extra >= 3.0.74-0.6.10.1
  • xen-kmp-default >= 4.1.4_02_3.0.74_0.6.10-0.5.32
  • xen-kmp-trace >= 4.1.4_02_3.0.74_0.6.10-0.5.32
Builds
SAT Patch Nr: 7767
SUSE Linux Enterprise Server 11 SP2 for VMware
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
  • kernel-xen-devel >= 3.0.74-0.6.10.1
  • xen-kmp-trace >= 4.1.4_02_3.0.74_0.6.10-0.5.32
Builds
SAT Patch Nr: 7767
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-ec2 >= 3.0.74-0.6.10.1
  • kernel-ec2-base >= 3.0.74-0.6.10.1
  • kernel-ec2-devel >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
  • kernel-xen >= 3.0.74-0.6.10.1
  • kernel-xen-base >= 3.0.74-0.6.10.1
  • kernel-xen-devel >= 3.0.74-0.6.10.1
  • xen-kmp-default >= 4.1.4_02_3.0.74_0.6.10-0.5.32
  • xen-kmp-trace >= 4.1.4_02_3.0.74_0.6.10-0.5.32
Builds
SAT Patch Nr: 7767
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-xen >= 0_3.0.74_0.6.10-0.14.54
  • kernel-default-extra >= 3.0.74-0.6.10.1
  • kernel-xen-extra >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7772
SLE 11 SP2 DEBUGINFO
  • kernel-default-debuginfo >= 3.0.74-0.6.10.1
  • kernel-default-debugsource >= 3.0.74-0.6.10.1
  • kernel-default-devel-debuginfo >= 3.0.74-0.6.10.1
  • kernel-ec2-debuginfo >= 3.0.74-0.6.10.1
  • kernel-ec2-debugsource >= 3.0.74-0.6.10.1
  • kernel-pae-debuginfo >= 3.0.74-0.6.10.1
  • kernel-pae-debugsource >= 3.0.74-0.6.10.1
  • kernel-pae-devel-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debugsource >= 3.0.74-0.6.10.1
  • kernel-trace-devel-debuginfo >= 3.0.74-0.6.10.1
  • kernel-xen-debuginfo >= 3.0.74-0.6.10.1
  • kernel-xen-debugsource >= 3.0.74-0.6.10.1
  • kernel-xen-devel-debuginfo >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7763
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-pae >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-xen >= 1.4_3.0.74_0.6.10-2.18.41
  • gfs2-kmp-default >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-pae >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-trace >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-xen >= 2_3.0.74_0.6.10-0.7.73
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-pae >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-xen >= 1.6_3.0.74_0.6.10-0.11.40
Builds
SAT Patch Nr: 7763
SUSE Linux Enterprise Desktop 11 SP2
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-default-extra >= 3.0.74-0.6.10.1
  • kernel-pae >= 3.0.74-0.6.10.1
  • kernel-pae-base >= 3.0.74-0.6.10.1
  • kernel-pae-devel >= 3.0.74-0.6.10.1
  • kernel-pae-extra >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
  • kernel-trace-extra >= 3.0.74-0.6.10.1
  • kernel-xen >= 3.0.74-0.6.10.1
  • kernel-xen-base >= 3.0.74-0.6.10.1
  • kernel-xen-devel >= 3.0.74-0.6.10.1
  • kernel-xen-extra >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7763
SUSE Linux Enterprise Server 11 SP2 for VMware
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-pae >= 3.0.74-0.6.10.1
  • kernel-pae-base >= 3.0.74-0.6.10.1
  • kernel-pae-devel >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
  • kernel-xen-devel >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7763
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-ec2 >= 3.0.74-0.6.10.1
  • kernel-ec2-base >= 3.0.74-0.6.10.1
  • kernel-ec2-devel >= 3.0.74-0.6.10.1
  • kernel-pae >= 3.0.74-0.6.10.1
  • kernel-pae-base >= 3.0.74-0.6.10.1
  • kernel-pae-devel >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
  • kernel-xen >= 3.0.74-0.6.10.1
  • kernel-xen-base >= 3.0.74-0.6.10.1
  • kernel-xen-devel >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7763
SLE 11 SERVER Unsupported Extras
  • ext4-writeable-kmp-default >= 0_3.0.74_0.6.10-0.14.54
  • ext4-writeable-kmp-trace >= 0_3.0.74_0.6.10-0.14.54
  • kernel-default-extra >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7771
SLE 11 SP2 DEBUGINFO
  • kernel-default-debuginfo >= 3.0.74-0.6.10.1
  • kernel-default-debugsource >= 3.0.74-0.6.10.1
  • kernel-default-devel-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debuginfo >= 3.0.74-0.6.10.1
  • kernel-trace-debugsource >= 3.0.74-0.6.10.1
  • kernel-trace-devel-debuginfo >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7764
SUSE Linux Enterprise High Availability Extension 11 SP2
  • cluster-network-kmp-default >= 1.4_3.0.74_0.6.10-2.18.41
  • cluster-network-kmp-trace >= 1.4_3.0.74_0.6.10-2.18.41
  • gfs2-kmp-default >= 2_3.0.74_0.6.10-0.7.73
  • gfs2-kmp-trace >= 2_3.0.74_0.6.10-0.7.73
  • ocfs2-kmp-default >= 1.6_3.0.74_0.6.10-0.11.40
  • ocfs2-kmp-trace >= 1.6_3.0.74_0.6.10-0.11.40
Builds
SAT Patch Nr: 7764
SUSE Linux Enterprise Server 11 SP2
  • kernel-default >= 3.0.74-0.6.10.1
  • kernel-default-base >= 3.0.74-0.6.10.1
  • kernel-default-devel >= 3.0.74-0.6.10.1
  • kernel-source >= 3.0.74-0.6.10.1
  • kernel-syms >= 3.0.74-0.6.10.1
  • kernel-trace >= 3.0.74-0.6.10.1
  • kernel-trace-base >= 3.0.74-0.6.10.1
  • kernel-trace-devel >= 3.0.74-0.6.10.1
Builds
SAT Patch Nr: 7764

© 2014 Novell