Product SiteDocumentation Site

1.254. scsi-target-utils

1.254.1. RHSA-2011:0332: Important security update

An updated scsi-target-utils package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
The scsi-target-utils package contains the daemon and tools to set up and monitor SCSI targets. Currently, iSCSI software and iSER targets are supported.
A double-free flaw was found in scsi-target-utils' tgtd daemon. A remote attacker could trigger this flaw by sending carefully-crafted network traffic, causing the tgtd daemon to crash. (CVE-2011-0001)
Red Hat would like to thank Emmanuel Bouillon of NATO C3 Agency for reporting this issue.
All scsi-target-utils users should upgrade to this updated package, which contains a backported patch to correct this issue. All running scsi-target-utils services must be restarted for the update to take effect.

1.254.2. RHBA-2011:0734: bug fix and enhancement update

An updated scsi-target-utils package that fixes multiple bugs and adds an enhancement is now available.
The scsi-target-utils package contains tools and a daemon used to set up iSCSI and iSER targets.
This updated package also contains a number of bug fixes:
  • Providing an existing target name to tgt-setup-lun when attempting to add a new LUN based on a non-existent device correctly resulted in failure because a target with the same name already existed. If the user then followed the utility's suggestion to add the new LUN to the existing target, the operation failed (again, correctly) because the device did not exist. However, the roll-back action associated with this second failure resulted in the target being removed. The roll-back action now checks whether the target pre-existed the failed actions, so the target is not removed in this circumstance. (BZ#676337)
  • Attempting to run iscsid and the tgtd on the same machine results in semaphore errors being logged by both daemons because of an identifier collision. This has been corrected, and these errors no longer appear. (BZ#677475)
This update also includes the following enhancement:
  • Support for read-only target devices has been added to scsi-target-utils. Set read-only devices with the "--params" option of the tgtadm command, like so:
    tgtadm --lld iscsi --mode logicalunit --op update --tid 1 --lun 1 --params readonly=1
    ...or add "readonly 1" to the target element of your targets.conf file. Note that "allow-in-use" must also be set if you enable read-only targets in the targets.conf file. (BZ#616402)
All users of scsi-target-utils are advised to upgrade to this updated package, which resolves these issues.