773 matches found
CVE-2022-3787
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...
Privilege escalation
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...
CVE-2022-3787
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...
CVE-2022-3787
CVE-2022-3787 affects device-mapper-multipath (multipath-tools). The issue enables local root privileges via incorrect handling in multipathd, linked to arithmetic ADD mishandling (and is usable with CVE-2022-41973/41974). Astra Linux advisories note vulnerable versions include 0.7.x–0.9.x before...
CVE-2022-3787
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...
Amazon Linux 2023 : device-mapper-multipath, device-mapper-multipath-devel, device-mapper-multipath-libs (ALAS2023-2023-141)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-141 advisory. multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can...
Important: device-mapper-multipath
Issue Overview: multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to loc...
Important: device-mapper-multipath
Issue Overview: A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulat...
Amazon Linux 2023 : device-mapper-multipath, device-mapper-multipath-devel, device-mapper-multipath-libs (ALAS2023-2023-126)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-126 advisory. A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local user...
CBL Mariner 2.0 Security Update: device-mapper-multipath (CVE-2022-41973)
The version of device-mapper-multipath installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41973 advisory. - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, ...
CBL Mariner 2.0 Security Update: device-mapper-multipath (CVE-2022-41974)
The version of device-mapper-multipath installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41974 advisory. - multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, ...
K000133058: device-mapper-multipath vulnerability CVE-2022-41973
Security Advisory Description multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to...
SUSE CVE-2009-0115
The Device Mapper multipathing driver aka multipath-tools or device-mapper-multipath 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server SLES, Fedora, and possibly other operating systems, uses world-writable permissions for the socket file aka /var/run/multipathd.sock, which allows loc...
SUSE CVE-2020-14339
A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of...
Huawei EulerOS: Security Advisory for device-mapper-multipath (EulerOS-SA-2023-1310)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : device-mapper-multipath (EulerOS-SA-2023-1310)
According to the versions of the device-mapper-multipath packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with...
PT-2025-49495
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc2 19 Description The Linux kernel contains an issue within the dm cache component. Specifically, the background tracker's queued work is not properly freed in the btracker destroy function. This can lead ...
Rocky Linux 8 : device-mapper-multipath (RLSA-2022:7928)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7928 advisory. - A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjuncti...
Privilege Escalation
device-mapper-multipath is vulnerable to privilege escalation. The library allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This...
CVE-2022-41974 affecting package device-mapper-multipath for versions less than 0.8.6-4
CVE-2022-41974 affecting package device-mapper-multipath for versions less than 0.8.6-4. A patched version of the package is available...