Kernel Information Leak Vulnerability in Linux SCSI IOCTL Function

Kernel Information Leak Vulnerability in Linux SCSI IOCTL Function

CVE-2022-0494 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.