PT-2025-49495

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc2 19 Description The Linux kernel contains an issue within the dm cache component. Specifically, the background tracker's queued work is not properly freed in the btracker destroy function. This can lead ...

Rocky Linux 8 : device-mapper-multipath (RLSA-2022:7928)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7928 advisory. - A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjuncti...

CVE-2020-35326

SQL Injection vulnerability in file /inxedu/demoinxeduopen/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value...

Privilege Escalation

device-mapper-multipath is vulnerable to privilege escalation. The library allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This...

inxedu SQL注入漏洞

Inxedu inxedu is a set of open source online education platform of China Inxedu Inxedu company. The platform includes an online school system, a live broadcasting system, an examination system and a marketing website. SQL injection vulnerability exists in inxedu version 2.0.6, the vulnerability...

CVE-2022-41974 affecting package device-mapper-multipath for versions less than 0.8.6-4

CVE-2022-41974 affecting package device-mapper-multipath for versions less than 0.8.6-4. A patched version of the package is available...

PT-2025-37672

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.25-android14-5-maybe-dirty-mainline Description The Linux kernel contained an issue where the detection of atomic context was insufficient, potentially leading to problems when z erofs decompressqueue endio w...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2906)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 36 : device-mapper-multipath (2022-6ec78b2586)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6ec78b2586 advisory. Security fix for CVE-2022-41973 and CVE-2022-41974 Tenable has extracted the preceding description block directly from the Fedora security advisory...

PT-2022-36586 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.334 Description: The issue is related to a misbehavior in the dm ioctl when list versions races with module loading. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

Amazon Linux 2 : device-mapper-multipath (ALAS-2022-1883)

The version of device-mapper-multipath installed on the remote host is prior to 0.4.9-136. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1883 advisory. multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or ...

Important: device-mapper-multipath

Issue Overview: multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to loc...

CentOS 7 : device-mapper-multipath (RHSA-2022:7186)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:7186 advisory. - multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local use...

CentOS: Security Advisory for device-mapper-multipath (CESA-2022:7186)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

device, kpartx, libdmmp security update

CentOS Errata and Security Advisory CESA-2022:7186 An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

Malicious code in microsoft-data-mapper-vscode-extension (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 678ab57585e9c697e1a9baf24e9622476369f342f5ac0dbd5ec273045472a213 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4586 Malicious code in microsoft-data-mapper-vscode-extension (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 678ab57585e9c697e1a9baf24e9622476369f342f5ac0dbd5ec273045472a213 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

device-mapper-multipath security update

0.8.7-12.1 - Add 0062-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133998...

Oracle Linux 9 : device-mapper-multipath (ELSA-2022-8453)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8453 advisory. 0.8.7-12.1 - Add 0062-multipathd-ignore-duplicated-multipathd-command-keys.patch - Resolves: bz 2133998 Tenable has extracted the preceding description block...

device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...