SUSE CVE-2022-40768

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...

PT-2022-4893 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.19.9 Description: The issue is related to the stex queuecommand lck function in the Linux kernel, which is associated with the disclosure of information in an error data area. This can allow an attacker to gain...