what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2022-41973

Status Candidate

Overview

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.

Related Files

Red Hat Security Advisory 2024-1110-03
Posted Mar 6, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1110-03 - An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include an insecure handling vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41973
SHA-256 | 1a2896073c7e80df3403496771278c6c738c0f4e743ae68acb563551b17a0148
Gentoo Linux Security Advisory 202311-06
Posted Nov 25, 2023
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202311-6 - Multiple vulnerabilities have been discovered in multipath-tools, the worst of which can lead to root privilege escalation. Versions greater than or equal to 0.9.3 are affected.

tags | advisory, root, vulnerability
systems | linux, gentoo
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 63195caeb1700e3984a26a911b340418b6255d4604193db4aa5e182c66a21b28
Red Hat Security Advisory 2023-3353-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3353-01 - Multicluster Engine for Kubernetes 2.0.9 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-2928, CVE-2022-2929, CVE-2022-36227, CVE-2022-41973, CVE-2023-27535, CVE-2023-32313, CVE-2023-32314
SHA-256 | 3259357087069c7cede7d4a1f9d247d83aa1cea98953350f94e3c61ffdd04f6c
Red Hat Security Advisory 2023-3325-01
Posted May 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3325-01 - Multicluster Engine for Kubernetes 2.1.7 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-2928, CVE-2022-2929, CVE-2022-36227, CVE-2022-41973, CVE-2023-0361, CVE-2023-27535, CVE-2023-32313, CVE-2023-32314
SHA-256 | e2676c14bb68a93168f72bef58e1e6585077119c14c9897091aa44d7a331beb3
Red Hat Security Advisory 2023-3296-01
Posted May 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-2928, CVE-2022-2929, CVE-2022-31690, CVE-2022-31692, CVE-2022-3172, CVE-2022-36227, CVE-2022-41973, CVE-2022-42889, CVE-2023-0361, CVE-2023-24422, CVE-2023-2491, CVE-2023-25725, CVE-2023-27535
SHA-256 | 0d190181de187a85cca97396c686e2bf391eef8e2f72f844b36951fbeb15a493
Red Hat Security Advisory 2023-2948-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2948-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include an insecure handling vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-41973
SHA-256 | 0fb27ffbbbfb86c99eb7e715c0678e8fbb649e90ca20fedf5e4a409012e16a35
Red Hat Security Advisory 2023-2459-01
Posted May 9, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2459-01 - The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Issues addressed include an insecure handling vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2022-41973
SHA-256 | 7cacff43ebb2f12b1c9766558a85d7207ea6c90be2387fcfaa04d7392e5859f3
Debian Security Advisory 5366-1
Posted Mar 1, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5366-1 - The Qualys Research Labs reported an authorization bypass (CVE-2022-41974) and a symlink attack (CVE-2022-41973) in multipath-tools, a set of tools to drive the Device Mapper multipathing driver, which may result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 449a42da9bb4b8caeb5d67f7cec2a182bd6252f94c98c628487a48466106f6b0
snap-confine must_mkdir_and_open_with_perms() Race Condition
Posted Dec 9, 2022
Authored by Qualys Security Advisory

Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory,they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu Server (a local privilege escalation, from any user to root) by combining it with two vulnerabilities in multipathd (an authorization bypass and a symlink attack, CVE-2022-41974 and CVE-2022-41973).

tags | exploit, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-44731, CVE-2022-3328, CVE-2022-41973, CVE-2022-41974
SHA-256 | ae9802d4db6010e09c5ca96ad72cd8f9bb70aff4d7af8a1ec00cebd3203d1f95
Ubuntu Security Notice USN-5731-1
Posted Nov 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5731-1 - It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that multipath-tools incorrectly handled access controls. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 9624ae8fb4d6e0770272c04b66838bae629e7de815fff8a5dfa0edc820f31a3a
Leeloo Multipath Authorization Bypass / Symlink Attack
Posted Oct 31, 2022
Authored by Qualys Security Advisory

The Qualys Research Team has discovered authorization bypass and symlink vulnerabilities in multipathd. The authorization bypass was introduced in version 0.7.0 and the symlink vulnerability was introduced in version 0.7.7.

tags | exploit, vulnerability
advisories | CVE-2022-41973, CVE-2022-41974
SHA-256 | 9fd49ad2d42596cc152f6771bcdd491b37e2986a01a0b0cdb2f997469ee1fdec
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close