tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tcmu-runner_project | tcmu-runner | 0.9.4 |
| tcmu-runner_project | tcmu-runner | 1.1.2 |
| tcmu-runner_project | tcmu-runner | 1.1.3 |
| tcmu-runner_project | tcmu-runner | 0.9.2 |
| tcmu-runner_project | tcmu-runner | 1.1.1 |
| tcmu-runner_project | tcmu-runner | 1.2.0 |
| tcmu-runner_project | tcmu-runner | 0.9.3 |
| tcmu-runner_project | tcmu-runner | 0.9.1 |
| tcmu-runner_project | tcmu-runner | 0.9.0 |
| tcmu-runner_project | tcmu-runner | 1.0.5 |
| tcmu-runner_project | tcmu-runner | 1.1.0 |
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root privileges.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tcmu-runner_project | tcmu-runner | 0.9.4 |
| tcmu-runner_project | tcmu-runner | 1.1.2 |
| tcmu-runner_project | tcmu-runner | 1.1.3 |
| tcmu-runner_project | tcmu-runner | 0.9.2 |
| tcmu-runner_project | tcmu-runner | 1.1.1 |
| tcmu-runner_project | tcmu-runner | 1.2.0 |
| tcmu-runner_project | tcmu-runner | 0.9.3 |
| tcmu-runner_project | tcmu-runner | 0.9.1 |
| tcmu-runner_project | tcmu-runner | 1.0.5 |
| tcmu-runner_project | tcmu-runner | 1.1.0 |
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of service
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tcmu-runner_project | tcmu-runner | 1.1.2 |
| tcmu-runner_project | tcmu-runner | 1.1.3 |
| tcmu-runner_project | tcmu-runner | 1.1.1 |
| tcmu-runner_project | tcmu-runner | 1.2.0 |
| tcmu-runner_project | tcmu-runner | 1.0.5 |
| tcmu-runner_project | tcmu-runner | 1.1.0 |
The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tcmu-runner_project | tcmu-runner | 1.1.2 |
| tcmu-runner_project | tcmu-runner | 1.1.3 |
| tcmu-runner_project | tcmu-runner | 1.1.1 |
| tcmu-runner_project | tcmu-runner | 1.2.0 |
| tcmu-runner_project | tcmu-runner | 1.0.5 |
| tcmu-runner_project | tcmu-runner | 1.1.0 |
In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. NOTE: relative to CVE-2020-28374, this is a similar mistake in a different algorithm.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | 2.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tcmu-runner_project | tcmu-runner | * |