Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-0494

Опубликовано: 16 фев. 2022
Источник: redhat
CVSS3: 4.4

Описание

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2022:713425.10.2022
Red Hat Enterprise Linux 8kernelFixedRHSA-2022:711025.10.2022
Red Hat Enterprise Linux 8.4 Extended Update Supportkernel-rtFixedRHSA-2022:624830.08.2022
Red Hat Enterprise Linux 8.4 Extended Update SupportkernelFixedRHSA-2022:624331.08.2022
Red Hat Enterprise Linux 9kernelFixedRHSA-2022:600309.08.2022
Red Hat Enterprise Linux 9kernel-rtFixedRHSA-2022:600209.08.2022
Red Hat Enterprise Linux 9kernelFixedRHSA-2022:600309.08.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-908
https://bugzilla.redhat.com/show_bug.cgi?id=2039448kernel: information leak in scsi_ioctl()

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-0494

CVSS3: 4.4
ubuntu
почти 4 года назад

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

nvd логотип

CVE-2022-0494

CVSS3: 4.4
nvd
почти 4 года назад

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

msrc логотип

CVE-2022-0494

CVSS3: 4.4
msrc
больше 3 лет назад

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

debian логотип

CVE-2022-0494

CVSS3: 4.4
debian
почти 4 года назад

A kernel information leak flaw was identified in the scsi_ioctl functi ...

github логотип

GHSA-c6f2-mj5c-wfq2

CVSS3: 4.4
github
почти 4 года назад

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

4.4 Medium

CVSS3