3 matches found
Astra Linux – Vulnerability in multipath-tools
In versions of multipath-tools from 0.7.0 to 0.9.x, up to 0.9.2, local users could obtain root access, either alone or in conjunction with CVE-2022-41973. Local users who had access to write to UNIX domain sockets could bypass access controls and manipulate the multipath setup. This could result ...
Signify 安全漏洞
Signify is a digital code signing verification and inspection tool developed by Ralph Broenink. Versions of Signify prior to 0.9.2 contained security vulnerabilities. These vulnerabilities were caused by issues with the signeddata.py and context.py components, which could allow remote attackers t...
AZL-11373 CVE-2022-41974 affecting package device-mapper-multipath for versions less than 0.8.6-4
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...