Debian Bug report logs -
#1022742
multipath-tools: CVE-2022-41973 CVE-2022-41974
Package:
src:multipath-tools;
Maintainer for src:multipath-tools is Debian DM Multipath Team <team+linux-blocks@trackerdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 24 Oct 2022 20:21:02 UTC
Severity: grav ...
Several security issues were fixed in multipath-tools ...
The Qualys Research Labs reported an authorization bypass
(CVE-2022-41974)
and a symlink attack
(CVE-2022-41973)
in multipath-tools, a set of tools to drive the Device Mapper multipathing
driver, which may result in local privilege escalation
Please refer to /usr/share/doc/multipath-tools/NEWSDebiangz for
backwards-incompatible changes in this u ...
multipath-tools 070 through 09x before 092 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973 Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup This can lead to local privilege escalation to root This occurs because an attacker can ...
Synopsis
Important: OpenShift Container Platform 41112 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41112 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impac ...
Synopsis
Important: device-mapper-multipath security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 82 Extended Update SupportR ...
Synopsis
Important: device-mapper-multipath security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8Red Hat Product Security ha ...
Synopsis
Important: device-mapper-multipath security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 7Red Hat Product Security ha ...
Synopsis
Important: device-mapper-multipath security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 81 Update Services for SAP S ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 248 security fixes and container updates
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 248 GeneralAvailability release images, which fix security issuesRed Hat Product Security has rated this update as having a security impactof Mo ...
Synopsis
Important: Red Hat Virtualization Host security update [ovirt-453-1]
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virt ...
Synopsis
Important: device-mapper-multipath security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 9Red Hat Product Security ha ...
Synopsis
Important: OpenShift Container Platform 4853 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4853 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Co ...
Synopsis
Important: OpenShift Virtualization 497 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 497 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact of ...
Description<!----> This CVE is under investigation by Red Hat Product Security ...