{"id":"MGASA-2024-0071","summary":"Updated multipath-tools packages fix security vulnerabilities","details":"multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to\nobtain root access, as exploited in conjunction with CVE-2022-41974.\nLocal users able to access /dev/shm can change symlinks in multipathd\ndue to incorrect symlink handling, which could lead to controlled file\nwrites outside of the /dev/shm directory. This could be used indirectly\nfor local privilege escalation to root. (CVE-2022-41973)\nmultipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to\nobtain root access, as exploited alone or in conjunction with\nCVE-2022-41973. Local users able to write to UNIX domain sockets can\nbypass access controls and manipulate the multipath setup. This can lead\nto local privilege escalation to root. This occurs because an attacker\ncan repeat a keyword, which is mishandled because arithmetic ADD is used\ninstead of bitwise OR. (CVE-2022-41974)\n","modified":"2026-04-16T00:09:57.926634495Z","published":"2024-03-18T16:12:23Z","upstream":["CVE-2022-41973","CVE-2022-41974"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0071.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31017"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2022/10/24/2"},{"type":"WEB","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/APSADEAFW42LM3YIFLMFWKMKPGF667O4/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QIGZM5NOOMFDCITOLQEJNNX5SCRQLQVV/"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2022:7928"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5731-1"},{"type":"WEB","url":"https://www.debian.org/security/2023/dsa-5366"}],"affected":[{"package":{"name":"multipath-tools","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/multipath-tools?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.8-2.1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0071.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}