CVE-2022-40768 – drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensit …

Vuln ID: CVE-2022-40768

Published:  2022-09-18  05:15:08Z

Description: drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

Source: NVD.NIST.GOV