The iscsi_if_rx() function in 'drivers/scsi/scsi_transport_iscsi.c' in the Linux kernel since v2.6.24-rc1 through 4.13.2 allows local users to cause a denial of service (a system panic) by making a number of certain syscalls by leveraging incorrect length validation in the kernel code. References: http://seclists.org/oss-sec/2017/q3/506 A proposed upstream patch: https://patchwork.kernel.org/patch/9923803/
Acknowledgments: Name: ChunYu Wang (Red Hat)
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1490423]
This was fixed for Fedora with the 4.13.5 stable updates