CVE-2022-0494

Updated: 2024-11-23 05:10:47.656667

Description:

A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.9
CVSS Version 3.x MEDIUM 4.4

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement
AlmaLinux 9.2 ESU kernel 5.14.0 4.4 MEDIUM Ignored 2023-11-21 04:12:24
CentOS 6 ELS kernel 2.6.32 4.4 MEDIUM Ignored 2022-04-08 06:56:56
CentOS 7 ELS kernel 3.10.0 4.4 MEDIUM Ignored 2023-09-19 09:30:05
CentOS 8.4 ELS kernel 4.18.0 4.4 MEDIUM Released CLSA-2023:1701963303 2023-12-07 16:28:16
CentOS 8.5 ELS kernel 4.18.0 4.4 MEDIUM Released CLSA-2023:1701962635 2023-12-07 10:27:17
CloudLinux 6 ELS kernel 2.6.32 4.4 MEDIUM Ignored 2022-04-08 06:56:56
Oracle Linux 6 ELS kernel 2.6.32 4.4 MEDIUM Ignored 2022-04-08 06:56:56
Ubuntu 16.04 ELS linux 4.4.0 4.4 MEDIUM Released CLSA-2023:1682604577 2023-04-27 11:13:19
Ubuntu 16.04 ELS linux-hwe 4.15.0 4.4 MEDIUM Already Fixed 2023-04-21 03:22:29
Ubuntu 18.04 ELS linux 4.15.0 4.4 MEDIUM Ignored 2023-03-02 04:04:07