Описание
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Release NotesVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Release NotesVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingPatchThird Party Advisory
Уязвимые конфигурации
EPSS
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before ...
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
ELSA-2019-4823: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
5.5 Medium
CVSS3
2.1 Low
CVSS2