Количество 7
Количество 7
GHSA-m46g-8pc6-m8q7
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root.
CVE-2022-3787
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root.
CVE-2022-3787
A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root.
RLSA-2022:8453
Important: device-mapper-multipath security update
RLSA-2022:7928
Important: device-mapper-multipath security update
ELSA-2022-8453
ELSA-2022-8453: device-mapper-multipath security update (IMPORTANT)
ELSA-2022-7928
ELSA-2022-7928: device-mapper-multipath security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-m46g-8pc6-m8q7 A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root. | CVSS3: 7.8 | 0% Низкий | больше 2 лет назад |
 | CVE-2022-3787 A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root. | CVSS3: 8.4 | 0% Низкий | почти 3 года назад |
 | CVE-2022-3787 A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root. | CVSS3: 7.8 | 0% Низкий | больше 2 лет назад |
 | RLSA-2022:8453 Important: device-mapper-multipath security update | 0% Низкий | больше 2 лет назад | |
| RLSA-2022:7928 Important: device-mapper-multipath security update | 0% Низкий | больше 2 лет назад | |
| ELSA-2022-8453 ELSA-2022-8453: device-mapper-multipath security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2022-7928 ELSA-2022-7928: device-mapper-multipath security update (IMPORTANT) | больше 2 лет назад |
Уязвимостей на страницу