Candidate: CVE-2017-17840
PublicDate: 2017-12-27 17:08:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17840
 http://www.openwall.com/lists/oss-security/2017/12/13/2
Description:
 An issue was discovered in Open-iSCSI through 2.0.875. A local attacker can
 cause the iscsiuio server to abort or potentially execute code by sending
 messages with incorrect lengths, which (due to lack of checking) can lead
 to buffer overflows, and result in aborts (with overflow checking enabled)
 or code execution. The process_iscsid_broadcast function in
 iscsiuio/src/unix/iscsid_ipc.c does not validate the payload length before
 a write operation.
Ubuntu-Description:
Notes:
 ratliff> iscsiuio is not built on xenial, zesty, not present in trusty
 mdeslaur> iscsiuio package is in universe
Bugs:
 https://bugzilla.opensuse.org/show_bug.cgi?id=1072312
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885021
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_open-iscsi:
Tags_open-iscsi: universe-binary
upstream_open-iscsi: released (2.0.874-5)
precise/esm_open-iscsi: not-affected
trusty_open-iscsi: not-affected
trusty/esm_open-iscsi: not-affected
xenial_open-iscsi: not-affected
esm-infra/xenial_open-iscsi: not-affected
zesty_open-iscsi: not-affected
artful_open-iscsi: ignored (reached end-of-life)
bionic_open-iscsi: not-affected (2.0.874-5ubuntu2.3)
cosmic_open-iscsi: not-affected (2.0.874-5ubuntu2.3)
devel_open-iscsi: not-affected (2.0.874-5ubuntu2.3)