CVE-2022-41973

Published: 29/10/2022 Updated: 25/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

multipath-tools 0.7.7 up to and including 0.9.x prior to 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.

Vulnerable Product

opensvc multipath-tools

fedoraproject fedora 36

debian debian linux 10.0

Vendor Advisories

Debian Bug report logs - #1022742: multipath-tools: CVE-2022-41973 CVE-2022-41974. Package: src:multipath-tools; Maintainer for src:multipath-tools is Debian DM Multipath Team <team+linux-blocks@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Mon, 24 Oct 2022 20:21:02 UTC; Severity: grav ...
Several security issues were fixed in multipath-tools ...
The Qualys Research Labs reported an authorization bypass (CVE-2022-41974) and a symlink attack (CVE-2022-41973) in multipath-tools, a set of tools to drive the Device Mapper multipathing driver, which may result in local privilege escalation. Please refer to /usr/share/doc/multipath-tools/NEWS.Debian.gz for backwards-incompatible changes in this u ...
Synopsis: Moderate: device-mapper-multipath security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 9. Red Hat Product S ...
Synopsis: Critical: Multicluster Engine for Kubernetes 2.0.9 security fixes and container updates. Type/Severity: Security Advisory: Critical. Topic: Multicluster Engine for Kubernetes 2.0.9 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security ...
Synopsis: Critical: Multicluster Engine for Kubernetes 2.1.7 security fixes and container updates. Type/Severity: Security Advisory: Critical. Topic: Multicluster Engine for Kubernetes 2.1.7 General Availability release images, which address security issues and update container images. Red Hat Product Security has rated this update as having a secu ...
Synopsis: Critical: Multicluster Engine for Kubernetes 2.2.4 security fixes and container updates. Type/Severity: Security Advisory: Critical. Topic: Multicluster Engine for Kubernetes 2.2.4 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security ...
Synopsis: Critical: Red Hat Advanced Cluster Management 2.5.9 security fixes and container updates. Type/Severity: Security Advisory: Critical. Topic: Red Hat Advanced Cluster Management for Kubernetes 2.5.9 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as h ...
Synopsis: Important: OpenShift Container Platform 4.13.2 bug fix and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4.13.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift C ...
Description: This CVE is under investigation by Red Hat Product Security ...

Exploits

The Qualys Research Team has discovered authorization bypass and symlink vulnerabilities in multipathd. The authorization bypass was introduced in version 0.7.0 and the symlink vulnerability was introduced in version 0.7.7 ...
Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory, they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu Server (a local privilege escalation, from any user to r ...

Github Repositories

CVE-2022-3328 with CVE-2022-41974 and CVE-2022-41973

From:
www.qualys.com/2022/11/30/cve-2022-3328/advisory-snap.txt
blog.qualys.com/vulnerabilities-threat-research/2022/11/30/race-condition-in-snap-confines-must_mkdir_and_open_with_perms-cve-2022-3328