39 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, from version 5.19.9 onwards, the drivers/scsi/stex.c file allows local users to access sensitive information from kernel memory. This occurs because the stexqueuecommandlck function lacks a memset for the PASSTHRUCMD case...
EUVD-2018-6010
Malware in sbrugna...
EUVD-2018-5147
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414376)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414376 advisory. drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a mems...
Important: kernel
Issue Overview: A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfsattachlogwriter of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is...
Linux Distros Unpatched Vulnerability : CVE-2022-40768
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a...
CVE-2018-14088
An issue was discovered in a smart contract implementation for STeX White List STEWL, an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount 1000000000000000" will cause an integer overflow in withdrawToFounders...
SUSE CVE-2022-40768
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...
CLSA-2022-1670261781 Fix of 13 CVEs
CVE-2022-42703 - mm/rmap.c: don't reuse anonvma if we just want a copy - mm: rmap: explicitly reset vma-anonvma in unlinkanonvmas - mm, rmap: handle anonvmaprepare common case inline - mm/rmap: Fix anonvma-degree ambiguity leading to double-reuse CVE-2022-3565 - mISDN: fix use-after-free bugs in...
GSD-2022-1007674 scsi: stex: Properly zero out the passthrough command structure
scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.331 by commit...
GSD-2022-1007614 scsi: stex: Properly zero out the passthrough command structure
scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...
GSD-2022-1007541 scsi: stex: Properly zero out the passthrough command structure
scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007449 scsi: stex: Properly zero out the passthrough command structure
scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.218 by commit...
GSD-2022-1007330 scsi: stex: Properly zero out the passthrough command structure
scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.148 by commit...
GSD-2022-1007156 scsi: stex: Properly zero out the passthrough command structure
scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.74 by commit...
GSD-2022-1006928 scsi: stex: Properly zero out the passthrough command structure
scsi: stex: Properly zero out the passthrough command structure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.2 by commit...
PT-2022-35183 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.2 Description: The issue is related to the scsi: stex component, where the passthrough command structure is not properly zeroed out. This is an automated ID intended to aid in discovery of potential securit...
PT-2022-35869 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue is related to the scsi: stex component, where the passthrough command structure is not properly zeroed out. The actual impact and attack plausibility have not yet been proven...
PT-2022-35585 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.148 Description: The issue is related to the scsi: stex component, where the passthrough command structure is not properly zeroed out. The actual impact and attack plausibility have not yet been proven...
PT-2022-35411 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.74 Description: The issue is related to the scsi: stex component, where the passthrough command structure is not properly zeroed out. The actual impact and attack plausibility have not yet been proven...