MGASA-2024-0071 - Updated multipath-tools packages fix security vulnerabilities

Publication date: 18 Mar 2024
URL: https://advisories.mageia.org/MGASA-2024-0071.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2022-41973,
     CVE-2022-41974

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to
obtain root access, as exploited in conjunction with CVE-2022-41974.
Local users able to access /dev/shm can change symlinks in multipathd
due to incorrect symlink handling, which could lead to controlled file
writes outside of the /dev/shm directory. This could be used indirectly
for local privilege escalation to root. (CVE-2022-41973)
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to
obtain root access, as exploited alone or in conjunction with
CVE-2022-41973. Local users able to write to UNIX domain sockets can
bypass access controls and manipulate the multipath setup. This can lead
to local privilege escalation to root. This occurs because an attacker
can repeat a keyword, which is mishandled because arithmetic ADD is used
instead of bitwise OR. (CVE-2022-41974)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31017
- https://www.openwall.com/lists/oss-security/2022/10/24/2
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/APSADEAFW42LM3YIFLMFWKMKPGF667O4/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QIGZM5NOOMFDCITOLQEJNNX5SCRQLQVV/
- https://access.redhat.com/errata/RHSA-2022:7928
- https://ubuntu.com/security/notices/USN-5731-1
- https://www.debian.org/security/2023/dsa-5366
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41973
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41974

SRPMS:
- 9/core/multipath-tools-0.8.8-2.1.mga9

Mageia 2024-0071: multipath-tools security update

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974

Summary

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root. (CVE-2022-41973) multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR. (CVE-2022-41974)

References

- https://bugs.mageia.org/show_bug.cgi?id=31017

- https://www.openwall.com/lists/oss-security/2022/10/24/2

- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/APSADEAFW42LM3YIFLMFWKMKPGF667O4/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QIGZM5NOOMFDCITOLQEJNNX5SCRQLQVV/

- https://access.redhat.com/errata/RHSA-2022:7928

- https://ubuntu.com/security/notices/USN-5731-1

- https://www.debian.org/security/2023/dsa-5366

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41973

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41974

Resolution

MGASA-2024-0071 - Updated multipath-tools packages fix security vulnerabilities

SRPMS

- 9/core/multipath-tools-0.8.8-2.1.mga9

Severity
Publication date: 18 Mar 2024
URL: https://advisories.mageia.org/MGASA-2024-0071.html
Type: security
CVE: CVE-2022-41973, CVE-2022-41974

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved