Lucene search

K

Multipath-tools Security Vulnerabilities

cve
cve

CVE-2022-41974

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...

7.8CVSS

7.9AI Score

0.0004EPSS

2022-10-29 07:15 PM
399
22
cve
cve

CVE-2022-41973

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of....

7.8CVSS

7.9AI Score

0.0004EPSS

2022-10-29 06:15 PM
236
21
cve
cve

CVE-2009-0115

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which...

7.8CVSS

7.4AI Score

0.0004EPSS

2009-03-30 04:30 PM
28