exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2022-41973

Status Candidate

Overview

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.

Related Files

Red Hat Security Advisory 2024-1110-03
Posted Mar 6, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1110-03 - An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include an insecure handling vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41973
SHA-256 | 1a2896073c7e80df3403496771278c6c738c0f4e743ae68acb563551b17a0148
Gentoo Linux Security Advisory 202311-06
Posted Nov 25, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202311-6 - Multiple vulnerabilities have been discovered in multipath-tools, the worst of which can lead to root privilege escalation. Versions greater than or equal to 0.9.3 are affected.

tags | advisory, root, vulnerability
systems | linux, gentoo
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 63195caeb1700e3984a26a911b340418b6255d4604193db4aa5e182c66a21b28
Red Hat Security Advisory 2023-3353-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3353-01 - Multicluster Engine for Kubernetes 2.0.9 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-2928, CVE-2022-2929, CVE-2022-36227, CVE-2022-41973, CVE-2023-27535, CVE-2023-32313, CVE-2023-32314
SHA-256 | 3259357087069c7cede7d4a1f9d247d83aa1cea98953350f94e3c61ffdd04f6c
Red Hat Security Advisory 2023-3325-01
Posted May 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3325-01 - Multicluster Engine for Kubernetes 2.1.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-2928, CVE-2022-2929, CVE-2022-36227, CVE-2022-41973, CVE-2023-0361, CVE-2023-27535, CVE-2023-32313, CVE-2023-32314
SHA-256 | e2676c14bb68a93168f72bef58e1e6585077119c14c9897091aa44d7a331beb3
Red Hat Security Advisory 2023-3296-01
Posted May 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-2928, CVE-2022-2929, CVE-2022-31690, CVE-2022-31692, CVE-2022-3172, CVE-2022-36227, CVE-2022-41973, CVE-2022-42889, CVE-2023-0361, CVE-2023-24422, CVE-2023-2491, CVE-2023-25725, CVE-2023-27535
SHA-256 | 0d190181de187a85cca97396c686e2bf391eef8e2f72f844b36951fbeb15a493
Red Hat Security Advisory 2023-2948-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2948-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include an insecure handling vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-41973
SHA-256 | 0fb27ffbbbfb86c99eb7e715c0678e8fbb649e90ca20fedf5e4a409012e16a35
Red Hat Security Advisory 2023-2459-01
Posted May 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2459-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include an insecure handling vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-41973
SHA-256 | 7cacff43ebb2f12b1c9766558a85d7207ea6c90be2387fcfaa04d7392e5859f3
Debian Security Advisory 5366-1
Posted Mar 1, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5366-1 - The Qualys Research Labs reported an authorization bypass (CVE-2022-41974) and a symlink attack (CVE-2022-41973) in multipath-tools, a set of tools to drive the Device Mapper multipathing driver, which may result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 449a42da9bb4b8caeb5d67f7cec2a182bd6252f94c98c628487a48466106f6b0
snap-confine must_mkdir_and_open_with_perms() Race Condition
Posted Dec 9, 2022
Authored by Qualys Security Advisory

Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory,they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu Server (a local privilege escalation, from any user to root) by combining it with two vulnerabilities in multipathd (an authorization bypass and a symlink attack, CVE-2022-41974 and CVE-2022-41973).

tags | exploit, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-44731, CVE-2022-3328, CVE-2022-41973, CVE-2022-41974
SHA-256 | ae9802d4db6010e09c5ca96ad72cd8f9bb70aff4d7af8a1ec00cebd3203d1f95
Ubuntu Security Notice USN-5731-1
Posted Nov 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5731-1 - It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that multipath-tools incorrectly handled access controls. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 9624ae8fb4d6e0770272c04b66838bae629e7de815fff8a5dfa0edc820f31a3a
Leeloo Multipath Authorization Bypass / Symlink Attack
Posted Oct 31, 2022
Authored by Qualys Security Advisory

The Qualys Research Team has discovered authorization bypass and symlink vulnerabilities in multipathd. The authorization bypass was introduced in version 0.7.0 and the symlink vulnerability was introduced in version 0.7.7.

tags | exploit, vulnerability
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 9fd49ad2d42596cc152f6771bcdd491b37e2986a01a0b0cdb2f997469ee1fdec
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close