Description
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7,
insufficient identifier checking in the LIO SCSI target code can be used by
remote attackers to read or write files via directory traversal in an XCOPY
request, aka CID-2896c93811e3. For example, an attack can occur over a
network if the attacker has access to one iSCSI LUN. The attacker gains
control over file access because I/O operations are proxied via an
attacker-selected backstore.
Ubuntu-Description
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data.
Mitigation
XCOPY support is enabled by default, but can be disabled via:
echo 0 > /sys/kernel/config/target/core/<backstore>/<name>/attrib/emulate_3pc
or
targetcli /backstores/<backstore>/<name> set attribute emulate_3pc=0
.
This workaround does *not* affect XCOPY requests sent to tcmu-runner
based backstores.
Notes
| sbeattie | MITIGATION
XCOPY support is enabled by default, but can be disabled via:
echo 0 > /sys/kernel/config/target/core/<backstore>/<name>/attrib/emulate_3pc
or
targetcli /backstores/<backstore>/<name> set attribute emulate_3pc=0
.
This workaround does *not* affect XCOPY requests sent to tcmu-runner
based backstores. |
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-132.136)
|
| Ubuntu 20.04 LTS: | released
(5.4.0-62.70)
|
| Ubuntu 16.04 ESM: | released
(4.4.0-200.232)
|
| Ubuntu 14.04 ESM: | released
(3.13.0-184.235)
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1093.99)
|
| Ubuntu 20.04 LTS: | released
(5.4.0-1037.39)
|
| Ubuntu 16.04 ESM: | released
(4.4.0-1121.135)
|
| Ubuntu 14.04 ESM: | released
(4.4.0-1085.89)
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-aws-5.3)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-aws-5.4)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-1037.39~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 16.04 ESM: | released
(4.15.0-1093.99~16.04.1)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-azure-5.3)
|
| Ubuntu 20.04 LTS: | released
(5.4.0-1039.41)
|
| Ubuntu 16.04 ESM: | released
(4.15.0-1106.118~16.04.1)
|
| Ubuntu 14.04 ESM: | released
(4.15.0-1106.118~14.04.1)
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1106.118)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-azure-5.4)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-1039.41~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-azure-5.3)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1011.15)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-gcp-5.3)
|
| Ubuntu 20.04 LTS: | released
(5.4.0-1036.39)
|
| Ubuntu 16.04 ESM: | released
(4.15.0-1092.105~16.04.1)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1092.105)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-gcp-5.4)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-1036.39~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-gcp-5.3)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1078.83)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.0.0-1051.53)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.3.0-1040.43)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-1035.37~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | released
(5.4.0-1009.10)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-1009.10~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.3.0-70.66)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 16.04 ESM: | released
(4.15.0-132.136~16.04.1)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-62.70~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | released
(5.8.0-38.43~20.04.1)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-hwe-5.4)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 16.04 ESM: | ignored
(superseded by linux-hwe)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1084.86)
|
| Ubuntu 20.04 LTS: | released
(5.4.0-1032.33)
|
| Ubuntu 16.04 ESM: | released
(4.4.0-1087.96)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | released
(4.4.0-200.232~14.04.1)
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(was needs-triage now end-of-life)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | released
(5.10.0-1014.15)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | released
(5.6.0-1047.51)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(was needs-triage now end-of-life)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1064.71)
|
| Ubuntu 20.04 LTS: | released
(5.4.0-1037.40)
|
| Ubuntu 16.04 ESM: | released
(4.15.0-1064.71~16.04.1)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-oracle-5.3)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | ignored
(superseded by linux-oracle-5.4)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-1037.40~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | released
(5.4.0-1028.31)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.4.0-1028.31~18.04.1)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(5.3.0-1037.39)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | ignored
(was needs-triage now end-of-life)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Priority: Medium
| Upstream: | released
(5.11~rc4)
|
| Ubuntu 18.04 LTS: | released
(4.15.0-1095.104)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-13 14:19:01 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)