CVE-2023-53676
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-07

Last updated on: 2026-02-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() The function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory. This patch replaces sprintf() with sysfs_emit_at() that checks for buffer boundries.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-07
Last Modified
2026-02-26
Generated
2026-06-16
AI Q&A
2025-10-07
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53676
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a buffer overflow in the Linux kernel's iSCSI target code. Specifically, the function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking the buffer length. If there are enough iSCSI connections, this can overflow the buffer provided by configfs and corrupt memory. The issue was fixed by replacing sprintf() with sysfs_emit_at(), which checks buffer boundaries.

Impact Analysis

The vulnerability can lead to memory corruption due to buffer overflow when handling multiple iSCSI connections. This could potentially cause system instability, crashes, or be exploited to execute arbitrary code, compromising the security and reliability of the affected system.

Mitigation Strategies

Apply the patch that replaces sprintf() with sysfs_emit_at() in the lio_target_nacl_info_show() function to prevent buffer overflow. This involves updating the Linux kernel to a version where this vulnerability is fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53676. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart