CVE-2023-53676

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-53676

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53676.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-53676

Downstream

BELL-CVE-2023-53676

DEBIAN-CVE-2023-53676

OESA-2025-2534

OESA-2025-2659

SUSE-SU-2025:4393-1

SUSE-SU-2025:4422-1

SUSE-SU-2025:4505-1

SUSE-SU-2025:4506-1

SUSE-SU-2025:4507-1

SUSE-SU-2025:4515-1

SUSE-SU-2025:4516-1

SUSE-SU-2025:4517-1

SUSE-SU-2025:4521-1

SUSE-SU-2025:4530-1

SUSE-SU-2026:0029-1

SUSE-SU-2026:0032-1

SUSE-SU-2026:0033-1

SUSE-SU-2026:0034-1

SUSE-SU-2026:0144-1

SUSE-SU-2026:0145-1

SUSE-SU-2026:0146-1

SUSE-SU-2026:0147-1

SUSE-SU-2026:0148-1

SUSE-SU-2026:0154-1

SUSE-SU-2026:0155-1

SUSE-SU-2026:0163-1

SUSE-SU-2026:0166-1

SUSE-SU-2026:0168-1

SUSE-SU-2026:0169-1

SUSE-SU-2026:0171-1

SUSE-SU-2026:0173-1

SUSE-SU-2026:0174-1

SUSE-SU-2026:0176-1

SUSE-SU-2026:0180-1

SUSE-SU-2026:0184-1

SUSE-SU-2026:0185-1

SUSE-SU-2026:0186-1

SUSE-SU-2026:0187-1

SUSE-SU-2026:0188-1

SUSE-SU-2026:0191-1

SUSE-SU-2026:0200-1

SUSE-SU-2026:0202-1

SUSE-SU-2026:0203-1

SUSE-SU-2026:0204-1

SUSE-SU-2026:0206-1

SUSE-SU-2026:0209-1

SUSE-SU-2026:0246-1

SUSE-SU-2026:0247-1

SUSE-SU-2026:0262-1

SUSE-SU-2026:0269-1

SUSE-SU-2026:0270-1

SUSE-SU-2026:0274-1

SUSE-SU-2026:0283-1

SUSE-SU-2026:0284-1

SUSE-SU-2026:20039-1

SUSE-SU-2026:20059-1

SUSE-SU-2026:20248-1

SUSE-SU-2026:20249-1

SUSE-SU-2026:20250-1

SUSE-SU-2026:20251-1

SUSE-SU-2026:20252-1

SUSE-SU-2026:20253-1

SUSE-SU-2026:20254-1

SUSE-SU-2026:20255-1

SUSE-SU-2026:20256-1

SUSE-SU-2026:20257-1

SUSE-SU-2026:20258-1

SUSE-SU-2026:20259-1

SUSE-SU-2026:20260-1

SUSE-SU-2026:20261-1

SUSE-SU-2026:20262-1

SUSE-SU-2026:20263-1

SUSE-SU-2026:20264-1

SUSE-SU-2026:20265-1

SUSE-SU-2026:20266-1

SUSE-SU-2026:20376-1

SUSE-SU-2026:20377-1

SUSE-SU-2026:20378-1

SUSE-SU-2026:20379-1

SUSE-SU-2026:20380-1

SUSE-SU-2026:20381-1

SUSE-SU-2026:20382-1

SUSE-SU-2026:20383-1

SUSE-SU-2026:20384-1

SUSE-SU-2026:20385-1

SUSE-SU-2026:20392-1

SUSE-SU-2026:20393-1

SUSE-SU-2026:20394-1

SUSE-SU-2026:20395-1

SUSE-SU-2026:20396-1

SUSE-SU-2026:20397-1

SUSE-SU-2026:20398-1

SUSE-SU-2026:20399-1

SUSE-SU-2026:20400-1

SUSE-SU-2026:20473-1

SUSE-SU-2026:20496-1

UBUNTU-CVE-2023-53676

Related

Published

2025-10-07T15:21:31.757Z

Modified

2026-03-20T12:33:17.708643Z

Summary

scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()

Details

In the Linux kernel, the following vulnerability has been resolved:

scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow()

The function liotargetnaclinfoshow() uses sprintf() in a loop to print details for every iSCSI connection in a session without checking for the buffer length. With enough iSCSI connections it's possible to overflow the buffer provided by configfs and corrupt the memory.

This patch replaces sprintf() with sysfsemitat() that checks for buffer boundries.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53676.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

e48354ce078c079996f89d715dfa44814b4eba01

Fixed

df349e84c2cb0dd05d98c8e1189c26ab4b116083

Fixed

114b44dddea1f8f99576de3c0e6e9059012002fc

Fixed

2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6

Fixed

bbe3ff47bf09db8956bc2eeb49d2d514d256ad2a

Fixed

5353df78c22623b42a71d51226d228a8413097e2

Fixed

4738bf8b2d3635c2944b81b2a84d97b8c8b0978d

Fixed

0cac6cbb9908309352a5d30c1876882771d3da50

Fixed

801f287c93ff95582b0a2d2163f12870a2f076d4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53676.json"