drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case. CREATE(Triage):(User=admin) CVE-2022-40768 (https://nvd.nist.gov/vuln/detail/CVE-2022-40768)