Your submission was sent successfully! Close

CVE-2022-41973

Published: 24 October 2022

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.

Notes

AuthorNote
alexmurray
introduced in version 0.7.7 via commit 65d0a63
Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
multipath-tools
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal
Released (0.8.3-1ubuntu2.1)
jammy
Released (0.8.8-1ubuntu1.22.04.1)
kinetic
Released (0.8.8-1ubuntu1.22.10.1)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Not vulnerable
(code not present)
Patches:
upstream: https://github.com/opensvc/multipath-tools/commit/cb57b930fa690ab79b3904846634681685e3470f