PT-2023-2683 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A denial of service issue was discovered due to a possible recursive locking scenario, resulting in a deadlock in the table clear function in the drivers/md/dm-ioctl.c file of the Linu...

device-mapper-multipath bug fix update

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The device-mapper-multipath packages provide tools that use t...

SUSE CVE-2022-3787

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

CVE-2022-3787

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

CVE-2022-3787

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

Privilege escalation

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

CVE-2022-3787

CVE-2022-3787 affects device-mapper-multipath (multipath-tools). The issue enables local root privileges via incorrect handling in multipathd, linked to arithmetic ADD mishandling (and is usable with CVE-2022-41973/41974). Astra Linux advisories note vulnerable versions include 0.7.x–0.9.x before...

CVE-2022-3787

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

CVE-2022-3787

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

Amazon Linux 2023 : device-mapper-multipath, device-mapper-multipath-devel, device-mapper-multipath-libs (ALAS2023-2023-141)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-141 advisory. multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can...

Important: device-mapper-multipath

Issue Overview: multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to loc...

Important: device-mapper-multipath

Issue Overview: A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulat...

Amazon Linux 2023 : device-mapper-multipath, device-mapper-multipath-devel, device-mapper-multipath-libs (ALAS2023-2023-126)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-126 advisory. A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local user...

CBL Mariner 2.0 Security Update: device-mapper-multipath (CVE-2022-41974)

The version of device-mapper-multipath installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41974 advisory. - multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, ...

CBL Mariner 2.0 Security Update: device-mapper-multipath (CVE-2022-41973)

The version of device-mapper-multipath installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41973 advisory. - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, ...

K000133058: device-mapper-multipath vulnerability CVE-2022-41973

Security Advisory Description multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to...

SUSE CVE-2009-0115

The Device Mapper multipathing driver aka multipath-tools or device-mapper-multipath 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server SLES, Fedora, and possibly other operating systems, uses world-writable permissions for the socket file aka /var/run/multipathd.sock, which allows loc...

SUSE CVE-2020-14339

A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...

Huawei EulerOS: Security Advisory for device-mapper-multipath (EulerOS-SA-2023-1310)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : device-mapper-multipath (EulerOS-SA-2023-1310)

According to the versions of the device-mapper-multipath packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with...