CVE-2022-41974

Published: Oct 29, 2022Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR.

Affected (4)

Products: Opensvc: Multipath Tools · Fedoraproject: Fedora · Debian: Debian Linux

1 product

Multipath Tools

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Opensvc Multipath Tools	From 0.7.0 to 0.9.2

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 36

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 11.0

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (26)

http://packetstormsecurity.com/files/169611/Leeloo-Multipath-Authorization-Bypass-Symlink-Attack.html

Source: cve@mitre.org

ExploitMailing ListThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2022/Dec/4

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/Oct/25

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2022/10/24/2

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2022/11/30/2

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1202739

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://github.com/opensvc/multipath-tools/releases/tag/0.9.2

Source: cve@mitre.org

Release NotesThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/12/msg00037.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIGZM5NOOMFDCITOLQEJNNX5SCRQLQVV/

Source: cve@mitre.org

https://security.gentoo.org/glsa/202311-06

Source: cve@mitre.org

https://www.debian.org/security/2023/dsa-5366

Source: cve@mitre.org

Third Party Advisory

https://www.qualys.com/2022/10/24/leeloo-multipath/leeloo-multipath.txt

Source: cve@mitre.org

ExploitThird Party Advisory

http://packetstormsecurity.com/files/169611/Leeloo-Multipath-Authorization-Bypass-Symlink-Attack.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/170176/snap-confine-must_mkdir_and_open_with_perms-Race-Condition.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2022/Dec/4

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/Oct/25

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2022/10/24/2

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2022/11/30/2

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1202739

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://github.com/opensvc/multipath-tools/releases/tag/0.9.2

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/12/msg00037.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QIGZM5NOOMFDCITOLQEJNNX5SCRQLQVV/

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/202311-06

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.debian.org/security/2023/dsa-5366

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.qualys.com/2022/10/24/leeloo-multipath/leeloo-multipath.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.