device-mapper-multipath bug fix and enhancement update

An update is available for device-mapper-multipath. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

CVE-2022-3787

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

device-mapper-multipath 安全漏洞

Red Hat device-mapper-multipath is a device mapper multipath from Red Hat, Inc. It allows you to configure multiple I/O paths between server nodes and storage arrays into a single device. A security vulnerability exists in device-mapper-multipath. An attacker exploited the vulnerability to gain...

PT-2023-13556 · Unknown +4 · Device-Mapper-Multipath +4

Name of the Vulnerable Software and Affected Versions: device-mapper-multipath affected versions not specified Description: A local privilege escalation issue exists, allowing local users to obtain root access by exploiting a flaw in the handling of UNIX domain sockets. This can be achieved by...

Scientific Linux Security Update : device-mapper-multipath on SL7.x i686/x86_64 (2022:7186)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:7186-1 advisory. - device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Note that Ness...

SUSE-SU-2022:3810-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel rt was updated. The following security bugs were fixed: - CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory. bnc1203514 - CVE-2022-3169: Fixed a denial of service flaw whic...

AZL-11373 CVE-2022-41974 affecting package device-mapper-multipath for versions less than 0.8.6-4

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...

AZL-11371 CVE-2022-41973 affecting package device-mapper-multipath for versions less than 0.8.6-4

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

RHEL 8 : device-mapper-multipath (RHSA-2022:7191)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7191 advisory. The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes:...

device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

Important: Red Hat Security Advisory: device-mapper-multipath security update

An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

AlmaLinux 9 : device-mapper-multipath (ALSA-2022:7185)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7185 advisory. - device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Note that Nessus has no...

SUSE SLES12: kernel-default / kernel-default-base / kernel-default-devel / etc (SUSE-SU-2022:3779-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3779-1 advisory. The SUSE Linux Enterprise 12-SP2 kernel was updated receive various security and bugfixes. The following security bugs were fixed: -...

Oracle Linux 7 : device-mapper-multipath (ELSA-2022-7186)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7186 advisory. 0.4.9-136.0.1 - mpathpersist: Fix Register and Ignore with 0x00 SARK Orabug: 32696195 - mpathpersist: update prkeys file on changing registrations Orabug:...

Oracle Linux 8 : device-mapper-multipath (ELSA-2022-7192)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7192 advisory. 0.8.4-22.2 - Add 0092-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133994 Tenable has extracted the preceding description block...

device-mapper-multipath security update

0.8.7-7.1 - Add 0044-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133997...

device-mapper-multipath security update

0.4.9-136.0.1 - mpathpersist: Fix Register and Ignore with 0x00 SARK Orabug: 32696195 - mpathpersist: update prkeys file on changing registrations Orabug: 32696195 - Keep upstream patch 0273-RHBZ-1988462-fix-disable-changed-wwids-segfault.patch fix segfault with disablechangedwwids for orabug...

device-mapper-multipath security update

0.8.4-22.2 - Add 0092-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133994...

Oracle Linux 9 : device-mapper-multipath (ELSA-2022-7185)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7185 advisory. 0.8.7-7.1 - Add 0044-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133997 Tenable has extracted the preceding description block...

device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...