rpm package
almalinux/device-mapper-multipath
pkg:rpm/almalinux/device-mapper-multipath
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3787 | — | < 0.8.4-28.el8_7.1 | 0.8.4-28.el8_7.1 | Mar 29, 2023 | A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipula | ||
| CVE-2022-41974 | — | < 0.8.7-7.el9_0.1 | 0.8.7-7.el9_0.1 | Oct 29, 2022 | multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to lo | ||
| CVE-2022-41973 | — | < 0.8.7-20.el9 | 0.8.7-20.el9 | Oct 29, 2022 | multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file |
- CVE-2022-3787Mar 29, 2023affected < 0.8.4-28.el8_7.1fixed 0.8.4-28.el8_7.1
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipula
- CVE-2022-41974Oct 29, 2022affected < 0.8.7-7.el9_0.1fixed 0.8.7-7.el9_0.1
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to lo
- CVE-2022-41973Oct 29, 2022affected < 0.8.7-20.el9fixed 0.8.7-20.el9
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file