5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:S/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.7%
linux-oracle, linux-azure, linux-aws, linux-gcp, linux-kvm, linux-dell300x is vulnerable to free of use. The vulnerability exists in drivers/scsi/stex.c
because it allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck
lacks a memset.
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-40768
www.openwall.com/lists/oss-security/2022/09/19/1
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/scsi/stex.c
lists.debian.org/debian-lts-announce/2022/12/msg00034.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/
lists.fedoraproject.org/archives/list/[email protected]/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/
lists.fedoraproject.org/archives/list/[email protected]/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/
lists.fedoraproject.org/archives/list/[email protected]/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/
lore.kernel.org/all/20220908145154.2284098-1-gregkh%40linuxfoundation.org/
lore.kernel.org/all/[email protected]/
www.openwall.com/lists/oss-security/2022/09/09/1
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:S/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.7%