1. Home
  2. CVEs with refmap.mlist==[oss-security] 20210113 Re: CVE-2020-28374: Linux SCSI target (LIO) unrestricted copy offload
Max CVSS 5.5 Min CVSS 5.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-28374 5.5
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c938
15-03-2021 - 22:04 13-01-2021 - 04:15
CVE-2021-3139 5.5
In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. Fo
22-01-2021 - 18:25 13-01-2021 - 16:15
Back to Top Mark selected
Back to Top