Lucene search

K

CVE-2022-41974

🗓️ 29 Oct 2022 19:10:15Reported by GoogleType 
osv
 osv
🔗 osv.dev👁 20 Views

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR

Show more
Related
Refs

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
29 Oct 2022 19:15Current
7.8High risk
Vulners AI Score7.8
CVSS37.8
EPSS0.001
20
.json
Report