It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.
{ "availability": "No subscription required", "binaries": [ { "linux-modules-5.10.0-1014-oem": "5.10.0-1014.15", "linux-headers-5.10.0-1014-oem": "5.10.0-1014.15", "linux-oem-5.10-tools-host": "5.10.0-1014.15", "linux-buildinfo-5.10.0-1014-oem": "5.10.0-1014.15", "linux-tools-5.10.0-1014-oem": "5.10.0-1014.15", "linux-image-unsigned-5.10.0-1014-oem-dbgsym": "5.10.0-1014.15", "linux-oem-5.10-headers-5.10.0-1014": "5.10.0-1014.15", "linux-oem-5.10-tools-5.10.0-1014": "5.10.0-1014.15", "linux-image-unsigned-5.10.0-1014-oem": "5.10.0-1014.15" } ] }