CVE-2023-53676
BaseFortify
Publication date: 2025-10-07
Last updated on: 2026-02-26
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in the Linux kernel's iSCSI target code. Specifically, the function lio_target_nacl_info_show() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking the buffer length. If there are enough iSCSI connections, this can overflow the buffer provided by configfs and corrupt memory. The issue was fixed by replacing sprintf() with sysfs_emit_at(), which checks buffer boundaries.
How can this vulnerability impact me? :
The vulnerability can lead to memory corruption due to buffer overflow when handling multiple iSCSI connections. This could potentially cause system instability, crashes, or be exploited to execute arbitrary code, compromising the security and reliability of the affected system.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that replaces sprintf() with sysfs_emit_at() in the lio_target_nacl_info_show() function to prevent buffer overflow. This involves updating the Linux kernel to a version where this vulnerability is fixed.