Three vulnerabilities found in the iSCSI subsystem of the Linux kernel could allow local attackers with basic user privileges to gain root privileges on unpatched Linux systems. Researchers discovered the bugs 15 years after they were introduced in 2006. The vulnerabilities affect all Linux distributions, but luckily, the vulnerable scsi_transport_iscsi module is not loaded by default. The bugs can only be exploited locally, which means attackers will have to gain access to vulnerable devices by exploiting another vulnerability or using an alternative attack vector.
Source: https://www.bleepingcomputer.com/news/security/15-year-old-linux-kernel-bugs-let-attackers-gain-root-privileges/