It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "5.10.0-1014.15", "binary_name": "linux-buildinfo-5.10.0-1014-oem" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-headers-5.10.0-1014-oem" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-image-unsigned-5.10.0-1014-oem" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-image-unsigned-5.10.0-1014-oem-dbgsym" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-modules-5.10.0-1014-oem" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-oem-5.10-headers-5.10.0-1014" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-oem-5.10-tools-5.10.0-1014" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-oem-5.10-tools-host" }, { "binary_version": "5.10.0-1014.15", "binary_name": "linux-tools-5.10.0-1014-oem" } ] }