Kernel Information Leak Vulnerability in Linux SCSI IOCTL Function
CVE-2022-0494 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.