{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53676","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-10-07T15:16:59.664Z","datePublished":"2025-10-07T15:21:31.757Z","dateUpdated":"2026-05-11T19:49:45.844Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:49:45.844Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it's possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/target/iscsi/iscsi_target_configfs.c"],"versions":[{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"df349e84c2cb0dd05d98c8e1189c26ab4b116083","status":"affected","versionType":"git"},{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"114b44dddea1f8f99576de3c0e6e9059012002fc","status":"affected","versionType":"git"},{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6","status":"affected","versionType":"git"},{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"bbe3ff47bf09db8956bc2eeb49d2d514d256ad2a","status":"affected","versionType":"git"},{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"5353df78c22623b42a71d51226d228a8413097e2","status":"affected","versionType":"git"},{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"4738bf8b2d3635c2944b81b2a84d97b8c8b0978d","status":"affected","versionType":"git"},{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"0cac6cbb9908309352a5d30c1876882771d3da50","status":"affected","versionType":"git"},{"version":"e48354ce078c079996f89d715dfa44814b4eba01","lessThan":"801f287c93ff95582b0a2d2163f12870a2f076d4","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/target/iscsi/iscsi_target_configfs.c"],"versions":[{"version":"3.1","status":"affected"},{"version":"0","lessThan":"3.1","status":"unaffected","versionType":"semver"},{"version":"4.14.326","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.295","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.257","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.197","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.133","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.55","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.5.5","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"4.14.326"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"4.19.295"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"5.4.257"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"5.10.197"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"5.15.133"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"6.1.55"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"6.5.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"6.6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/df349e84c2cb0dd05d98c8e1189c26ab4b116083"},{"url":"https://git.kernel.org/stable/c/114b44dddea1f8f99576de3c0e6e9059012002fc"},{"url":"https://git.kernel.org/stable/c/2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6"},{"url":"https://git.kernel.org/stable/c/bbe3ff47bf09db8956bc2eeb49d2d514d256ad2a"},{"url":"https://git.kernel.org/stable/c/5353df78c22623b42a71d51226d228a8413097e2"},{"url":"https://git.kernel.org/stable/c/4738bf8b2d3635c2944b81b2a84d97b8c8b0978d"},{"url":"https://git.kernel.org/stable/c/0cac6cbb9908309352a5d30c1876882771d3da50"},{"url":"https://git.kernel.org/stable/c/801f287c93ff95582b0a2d2163f12870a2f076d4"}],"title":"scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()","x_generator":{"engine":"bippy-1.2.0"}}}}