PT-2022-7214 · Unknown+8 · Multipath-Tools+8
Alexander Bergmann · Published 2022-08-24 · Updated 2025-02-18 · CVE-2022-41973
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
multipath-tools versions 0.7.7 through 0.9.x before 0.9.2
Description
multipathd handles symlinks incorrectly before accessing a file. Local users who can access /dev/shm can change symlinks, which could lead to controlled file writes outside of the /dev/shm directory and potentially to local privilege escalation to root. This could enable an attacker to access confidential data, compromise its integrity, and cause a denial of service.
Recommendations
For multipath-tools versions 0.7.7 through 0.9.x before 0.9.2, consider updating to version 0.9.2 or later to resolve the issue. As a temporary workaround, restrict access to /dev/shm to minimize the risk of exploitation. Additionally, consider disabling the multipathd service until a patch is applied to prevent potential abuse.
Exploit
Fix
LPE
Link Following
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Suse
Ubuntu
Multipath-Tools