Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-2850

EPSS 13.32% · P94
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-2850

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitrary code via a long key that is not properly handled during construction of an error-response packet.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux Kernel 堆缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.9.4及之前的版本中的iSCSI目标子系统中的drivers/target/iscsi/iscsi_target_parameters.c中的‘iscsi_add_notunderstood_response’函数中存在基于堆的缓冲区溢出漏洞。远程攻击者可通过构造错误响应数据包期间程序没有正确处理的长密钥,利用该漏洞
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2013-2850

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2013-2850

登录查看更多情报信息。

Same Patch Batch · n/a · 2013-06-07 · 14 CVEs total

CVE-2013-0142QNAP VioStor NVR和QNAP NAS Hard Coded Credentials身份验证绕过漏洞
CVE-2013-0143QNAP VioStor NVR和QNAP NAS 远程代码执行漏洞
CVE-2013-0144QNAP VioStor NVR 跨站请求伪造漏洞
CVE-2013-0947RSA Authentication Manager 多个信息泄露漏洞
CVE-2013-2128Linux Kernel ‘tcp_collapse()’ 本地拒绝服务漏洞
CVE-2011-4604Linux kernel缓冲区错误漏洞
CVE-2013-1929Linux Kernel ‘tg3.c’整数溢出漏洞
CVE-2013-2141Linux kernel 资源管理错误漏洞
CVE-2013-2146Linux kernel 输入验证错误漏洞
CVE-2013-2147Linux kernel 资源管理错误漏洞
CVE-2013-2148Linux kernel 资源管理错误漏洞
CVE-2013-2851Linux kernel ‘register_disk’函数格式化字符串漏洞
CVE-2013-2852Linux kernel ‘b43_request_firmware’函数格式化字符串漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2013-2850

No comments yet

Leave a comment