targetcli-fb: Multiple vulnerabilities — GLSA 202008-22

Multiple vulnerabilities have been found in targetcli-fb, the worst of which could result in privilege escalation.

Affected packages

sys-block/targetcli-fb on all architectures
Affected versions < 2.1.53
Unaffected versions >= 2.1.53

Background

Tool for managing the Linux LIO kernel target.

Description

Multiple vulnerabilities have been discovered in targetcli-fb. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All targetcli-fb users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-block/targetcli-fb-2.1.53"
 

References

Release date
August 30, 2020

Latest revision
August 30, 2020: 1

Severity
normal

Exploitable
local

Bugzilla entries