CVE-2023-53676
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2023-53676, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-07

Last updated on: 2026-02-26

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory. This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundries.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-07
Last Modified
2026-02-26
Generated
2026-07-06
AI Q&A
2025-10-07
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a buffer overflow in the Linux kernel's iSCSI target code. Specifically, the function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking the buffer length. If there are enough iSCSI connections, this can overflow the buffer provided by configfs and corrupt memory. The issue was fixed by replacing sprintf() with sysfs_emit_at(), which checks buffer boundaries.

Impact Analysis

The vulnerability can lead to memory corruption due to buffer overflow when handling multiple iSCSI connections. This could potentially cause system instability, crashes, or be exploited to execute arbitrary code, compromising the security and reliability of the affected system.

Mitigation Strategies

Apply the patch that replaces sprintf() with sysfs_emit_at() in the lio_target_nacl_info_show() function to prevent buffer overflow. This involves updating the Linux kernel to a version where this vulnerability is fixed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53676. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart