GSD-2022-1007674 scsi: stex: Properly zero out the passthrough command structure

scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...

GSD-2022-1006928 scsi: stex: Properly zero out the passthrough command structure

scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.2 by commit...

PT-2022-35183 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.2 Description: The issue is related to the scsi: stex component, where the passthrough command structure is not properly zeroed out. This is an automated ID intended to aid in discovery of potential securit...

PT-2022-35585 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.148 Description: The issue is related to the scsi: stex component, where the passthrough command structure is not properly zeroed out. The actual impact and attack plausibility have not yet been proven...

AZL-10978 CVE-2022-40768 affecting package kernel for versions less than 5.15.82.1-1

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...

CVE-2022-40768

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...