A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2039448 | Issue Tracking |
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html | Mailing List Third Party Advisory |
https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/ | |
https://www.debian.org/security/2022/dsa-5161 | Third Party Advisory |
https://www.debian.org/security/2022/dsa-5173 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Jul 2023, 17:07
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-908 |
19 Oct 2022, 12:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2022/dsa-5161 - Third Party Advisory |
04 Jul 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Jul 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Jun 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Apr 2022, 19:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 4.9
v3 : 4.4 |
CWE | CWE-200 | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2039448 - Issue Tracking | |
References | (MISC) https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel@gmail.com/ - Exploit, Mailing List, Vendor Advisory |
25 Mar 2022, 19:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-25 19:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-0494
Mitre link : CVE-2022-0494
CVE.ORG link : CVE-2022-0494
JSON object : View
Products Affected
debian
- debian_linux
linux
- linux_kernel