Hdthky

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions through 5.19.9 **Description** The issue is related to the `stex queuecommand lck()` function in the Linux kernel, which is associated with the disclosure of information in an error data area. This can allow an attacker to gain unauthorized access to protected information. The problem arises because `stex queuecommand lck` lacks a `memset` for the `PASSTHRU CMD` case, enabling local users to obtain sensitive information from kernel memory. **Recommendations** For Linux kernel versions through 5.19.9, consider updating to a version that includes a fix for this issue, as the current version allows local users to obtain sensitive information due to a missing `memset` in the `stex queuecommand lck` function for the `PASSTHRU CMD` case. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 versions prior to 5.6.8 **Description** The issue is related to a heap-use-after-free condition, which can cause a denial of service. This condition occurs when memory is accessed after it has been freed, potentially leading to program crashes or other unexpected behavior. **Recommendations** For versions prior to 5.6.8, update to version 5.6.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** radare2 versions prior to 5.6.8 **Description** The issue is a heap-buffer-overflow that can cause a denial of service. It is located in the GitHub repository radareorg/radare2. **Recommendations** For versions prior to 5.6.8, update to version 5.6.8 or later to resolve the issue.