CVE-2020-10699: 
Alibaba Cloud Linux (Aliyun Linux) vulnerability analysis and mitigation

CVE-2020-10699 is a security vulnerability discovered in targetcli-fb versions 2.1.50 and 2.1.51, where the socket used by targetclid (/var/run/targetclid.sock) was configured with world-writable permissions. The vulnerability was disclosed on April 15, 2020, affecting Linux systems with these specific versions of targetcli-fb installed (NVD, Ubuntu).

The vulnerability stems from the systemd socket unit failing to specify a SocketMode, resulting in the socket being created with world-writable permissions (0666). The targetclid daemon runs as root and provides a /var/run/targetclid.sock socket to which clients can write commands, which it executes on their behalf. Due to the world-writable permissions, any unprivileged user can write to the socket, and targetclid will execute the commands even without proper privileges (GitHub Issue).

If a system enables the targetclid socket, a local attacker can exploit this vulnerability to modify the iSCSI configuration and escalate their privileges to root. This allows unauthorized users to execute arbitrary commands with root privileges, potentially leading to complete system compromise (Ubuntu).

Several mitigation options are available: 1) Do not enable targetclid to prevent the socket from being created, 2) Manually change the socket's permissions every time it is created using 'sudo chmod 0600 /var/run/targetclid.sock', or 3) Update to targetcli-fb version 2.1.52 or later which contains the fix (Red Hat Bugzilla).