1939487 – (CVE-2021-28361) CVE-2021-28361 spdk: NULL pointer dereference in the iSCSI target If a PDU is sent with a zero length

Bug 1939487 (CVE-2021-28361) - CVE-2021-28361 spdk: NULL pointer dereference in the iSCSI target If a PDU is sent with a zero length

Summary: CVE-2021-28361 spdk: NULL pointer dereference in the iSCSI target If a PDU is...

Keywords:
Status:	NEW
Alias:	CVE-2021-28361
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nobody
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1940644 1942063
Blocks:	1939489
TreeView+	depends on / blocked

Reported:	2021-03-16 13:35 UTC by Guilherme de Almeida Suckevicz
Modified:	2023-08-03 08:28 UTC (History)
CC List:	19 users (show)
Fixed In Version:	spdk 21.01.1
Doc Type:	If docs needed, set a value
Doc Text:	A flaw was found in the SPDK iSCSI target. A NULL pointer dereference resulted from a text PDU sent with a zero-length, resulting in a crash of the SPDK iCSCI target process. The highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Guilherme de Almeida Suckevicz 2021-03-16 13:35:12 UTC

An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected), the iSCSI target can crash with a NULL pointer dereference.

Reference:
https://github.com/spdk/spdk/releases/tag/v21.01.1

Comment 1 Sage McTaggart 2021-03-18 19:09:00 UTC

External References:

https://github.com/spdk/spdk/releases/tag/v21.01.1

Comment 6 Hardik Vyas 2021-03-29 10:29:01 UTC

Statement:

* Ceph in Red Hat Enterprise Linux is built without SPDK.

* Red Hat OpenStack Platform deployments use the ceph package directly from the Ceph channel; the RHOSP ceph package will not be updated at this time.

* Red Hat OpenShift Container Storage (RHOCS) 4 shipped ceph package for the usage of RHOCS 4.2 only, that has reached End Of Life. The shipped version of ceph package is no longer used and supported with the release of RHOCS 4.3.

Note You need to log in before you can comment on or make changes to this bug.