Astra Linux - уязвимость в multipath-tools

In versions of multipath-tools from 0.7.0 to 0.9.x, up to 0.9.2, local users could obtain root access, either alone or in conjunction with CVE-2022-41973. Local users who had access to write to UNIX domain sockets could bypass access controls and manipulate the multipath setup. This could result ...

Astra Linux - уязвимость в multipath-tools

Multipath-tools versions 0.7.7 through 0.9.x, prior to 0.9.2, allowed local users to obtain root access. This vulnerability was exploited in conjunction with CVE-2022-41974. Local users who had access to /dev/shm could modify symlinks within multipathd due to incorrect symlink handling. This coul...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: multipath-tools (UTSA-2025-680596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680596 advisory. multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to acces...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: multipath-tools (UTSA-2025-680597)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680597 advisory. multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able...

EUVD-2022-45077

Malicious code in bioql PyPI...

EUVD-2022-45078

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-41974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users...

TencentOS Server 4: device-mapper-multipath (TSSA-2024:0299)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0299 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

ABB M2M Gateway Improper Privilege Management in embedded Device-mapper-multipath (CVE-2022-41974)

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...

Advisory ROSA-SA-2024-2520

Software: device-mapper-multipath 0.8.4 OS: ROSA Virtualization 2.1 packageevrstring: device-mapper-multipath-0.8.4-22 CVE-ID: CVE-2022-41974 BDU-ID: 2022-06669 CVE-Crit: HIGH CVE-DESC.: A vulnerability in multipath-tools multipath-tools driver management software is related to privilege manageme...

Huawei EulerOS: Security Advisory for device-mapper-multipath (EulerOS-SA-2024-2262)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2024-0071)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated multipath-tools packages fix security vulnerabilities

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside o...

RHEL 8 : device-mapper-multipath (RHSA-2024:1110)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1110 advisory. The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices. Security Fixes:...

GLSA-202311-06 : multipath-tools: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202311-06 multipath-tools: Multiple Vulnerabilities - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm...

Rocky Linux 9 : device-mapper-multipath (RLSA-2022:7185)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7185 advisory. - multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local user...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.10055)

The version of AHV installed on the remote host is prior to 20220304.10055. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.10055 advisory. - BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S...

Advisory ROSA-SA-2023-2218

software: multipath-tools 0.8.9 WASP: ROSA-CHROME packageevrstring: multipath-tools-0.8.9-3.src.rpm CVE-ID: CVE-2022-41973 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: multipath-tools 0.7.7 to 0.9.x to 0.9.2 allows local users to gain root access as used in conjunction with CVE-2022-41974. Local users...

EulerOS Virtualization 3.0.6.6 : device-mapper-multipath (EulerOS-SA-2023-2420)

According to the versions of the device-mapper-multipath packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or...

Huawei EulerOS: Security Advisory for device-mapper-multipath (EulerOS-SA-2023-2420)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...