Headline
CVE-2022-40768: git/torvalds/linux.git - Linux kernel source tree
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
AgeCommit message (Expand)AuthorFilesLines 2021-10-16scsi: core: Remove the ‘done’ argument from SCSI queuecommand_lck functionsBart Van Assche1-2/+2 2021-10-16scsi: stex: Call scsi_done() directlyBart Van Assche1-4/+2 2021-08-11scsi: stex: Use scsi_cmd_to_rq() instead of scsi_cmnd.requestBart Van Assche1-3/+3 2021-05-31scsi: core: Kill DRIVER_SENSEHannes Reinecke1-2/+2 2021-05-31scsi: core: Introduce scsi_build_sense()Hannes Reinecke1-4/+1 2021-01-22scsi: stex: Do not set COMMAND_COMPLETEHannes Reinecke1-12/+13 2020-12-02scsi: stex: Fix fall-through warnings for ClangGustavo A. R. Silva1-0/+1 2020-03-11scsi: Replace zero-length array with flexible-array memberGustavo A. R. Silva1-1/+1 2019-05-30treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152Thomas Gleixner1-6/+1 2018-12-18scsi: remove the use_clustering flagChristoph Hellwig1-1/+1 2018-12-18scsi: make sure all drivers set the use_clustering flagChristoph Hellwig1-0/+1 2018-11-15scsi: stex: use dma_set_mask_and_coherentChristoph Hellwig1-14/+3 2017-04-26scsi: stex: make S6flag staticColin Ian King1-1/+1 2017-03-15scsi: stex: Add S6 supportCharles1-2/+23 2017-03-15scsi: stex: Support Pegasus 3 productCharles1-67/+195 2016-02-23stex: Add S3/S4 supportCharles1-3/+65 2016-02-23stex: Add hotplug supportCharles1-19/+34 2016-02-23stex: Support to Pegasus series.Charles1-6/+26 2015-11-09stex: Remove use of struct timevalTina Ruchandani1-10/+3 2015-11-09scsi: use host wide tags by defaultChristoph Hellwig1-8/+0 2014-11-12scsi: don’t force tagged_supported in driversChristoph Hellwig1-11/+0 2014-11-12scsi: don’t set tagging state from scsi_adjust_queue_depthChristoph Hellwig1-2/+0 2014-11-12scsi: always assign block layer tags if enabledChristoph Hellwig1-8/+2 2014-11-12scsi: Remove scsi_print_command when calling abortHannes Reinecke1-6/+3 2013-10-14SCSI: remove unnecessary pci_set_drvdata()Jingoo Han1-2/+0 2013-01-03Drivers: scsi: remove __dev* attributes.Greg Kroah-Hartman1-3/+2 2010-11-16SCSI host lock push-downJeff Garzik1-1/+3 2010-03-30include cleanup: Update gfp.h and slab.h includes to prepare for breaking imp…Tejun Heo1-0/+1 2010-01-04[SCSI] stex: fix scan of nonexistent lunEd Lin1-0/+5 2009-10-29[SCSI] stex: update version to 4.6.0000.4Ed Lin1-4/+4 2009-10-29[SCSI] stex: add support for reset request from firmwareEd Lin1-83/+166 2009-10-29[SCSI] stex: add small dma buffer supportEd Lin1-5/+20 2009-09-05[SCSI] stex: Add reset code for st_yel (v2)Ed Lin1-4/+29 2009-04-07dma-mapping: replace all DMA_32BIT_MASK macro with DMA_BIT_MASK(32)Yang Hongyang1-2/+2 2009-04-07dma-mapping: replace all DMA_64BIT_MASK macro with DMA_BIT_MASK(64)Yang Hongyang1-2/+2 2009-04-03[SCSI] stex: update version to 4.6.0000.3Ed Lin1-5/+5 2009-04-03[SCSI] stex: add new 6G controller supportEd Lin1-31/+351 2009-04-03[SCSI] stex: use config struct for parameters of different controllersEd Lin1-76/+125 2009-04-03[SCSI] stex: add MSI supportEd Lin1-5/+43 2009-04-03[SCSI] stex: small code fixes and changesEd Lin1-65/+60 2009-03-12[SCSI] stex: Version updateEd Lin - PTU1-3/+3 2009-03-12[SCSI] stex: Small fixesEd Lin - PTU1-6/+22 2009-03-12[SCSI] stex: Fix for controller type st_yosemiteEd Lin - PTU1-61/+3 2009-03-12[SCSI] stex: Add new device idEd Lin - PTU1-2/+6 2009-03-12[SCSI] stex: Fix for potential invalid responseEd Lin - PTU1-0/+1 2008-12-29[SCSI] advansys, arcmsr, ipr, nsp32, qla1280, stex: use pci_ioremap_bar()Arjan van de Ven1-2/+1 2008-12-01[SCSI] stex: switch to block timeoutJames Bottomley1-1/+1 2008-07-26[SCSI] stex: fix queue depth settingMike Christie1-1/+1 2008-04-07[SCSI] stex: use scsi_build_sense_bufferFUJITA Tomonori1-12/+5 2008-04-07[SCSI] stex: use sg buffer copy helper functionsFUJITA Tomonori1-56/+10 2008-02-22[SCSI] stex: stex_internal_copy should be called with sg_count in struct st_ccbFUJITA Tomonori1-4/+6 2008-02-22[SCSI] stex: stex_direct_copy shouldn’t call dma_map_sgFUJITA Tomonori1-22/+12 2008-01-30[SCSI] remove use_sg_chainingJames Bottomley1-1/+0 2007-10-16[SCSI] add use_sg_chaining option to scsi_host_templateFUJITA Tomonori1-0/+1 2007-07-14[SCSI] stex: use resid for xfer len informationEd Lin1-2/+2 2007-05-30[SCSI] Merge up to linux-2.6 headJames Bottomley1-36/+54 2007-05-29[SCSI] stex: convert to use the data buffer accessorsFUJITA Tomonori1-73/+36 2007-05-16[SCSI] stex: minor cleanup and version updateEd Lin1-3/+13 2007-05-16[SCSI] stex: fix reset recovery for console deviceEd Lin1-0/+7 2007-05-16[SCSI] stex: extend hard reset wait timeEd Lin1-1/+6 2007-05-16[SCSI] stex: fix id mapping issueEd Lin1-32/+28 2007-02-14[PATCH] remove many unneeded #includes of sched.hTim Schmielau1-1/+0 2006-12-05[SCSI] stex: version updateEd Lin1-4/+2 2006-12-05[SCSI] stex: change wait loop codeEd Lin1-21/+20 2006-12-05[SCSI] stex: add new device type supportEd Lin1-7/+21 2006-12-05[SCSI] stex: update device id infoEd Lin1-9/+26 2006-12-05[SCSI] stex: adjust default queue lengthEd Lin1-1/+10 2006-12-05[SCSI] stex: add value check in hard reset routineEd Lin1-1/+1 2006-12-05[SCSI] stex: fix controller_info command handlingEd Lin1-0/+1 2006-12-05[SCSI] stex: fix biosparam calculationEd Lin1-3/+3 2006-10-05IRQ: Maintain regs pointer globally rather than passing to IRQ handlersDavid Howells1-1/+1 2006-10-01[SCSI] stex: add new device (id 0x8650) supportEd Lin1-30/+164 2006-10-01[SCSI] stex: cancel unused field in struct req_msgEd Lin1-2/+1 2006-09-02[SCSI] add failure return to scsi_init_shared_tag_map()James Bottomley1-3/+2 2006-09-02[SCSI] stex: add shared tags from blockEd Lin1-120/+57 2006-09-02[SCSI] Add Promise SuperTrak driverJeff Garzik1-0/+1316
Related news
Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
Ubuntu Security Notice 5774-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service.
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.
Ubuntu Security Notice 5758-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5729-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.
Ubuntu Security Notice 5728-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5727-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.
Ubuntu Security Notice 5729-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.
Ubuntu Security Notice 5727-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.
Ubuntu Security Notice 5728-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5693-1 - David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.