device-mapper-multipath-0.8.7-7.el9.1
エラータID: AXSA:2022-4131:06
リリース日:
2022/11/24 Thursday - 11:43
題名:
device-mapper-multipath-0.8.7-7.el9.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- multipath-tools には、ビット演算に利用する演算子に誤りがあるため、
ローカルの攻撃者により、キーワードを繰り返し送信することを介して、
特権昇格を可能とする脆弱性が存在します。(CVE-2022-41974)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-41974
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR.
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR.
追加情報:
N/A
ダウンロード:
SRPMS
- device-mapper-multipath-0.8.7-7.el9.1.src.rpm
MD5: 6efbaaffcfd8e6001c99caacfd65c475
SHA-256: 7871f5ca72a429cf51cbc28e07a0d6b524fb9dfdb9486b3ea62002f5a984fb2b
Size: 608.33 kB
Asianux Server 9 for x86_64
- device-mapper-multipath-0.8.7-7.el9.1.x86_64.rpm
MD5: aa68dca068bb34076d4659aa075d3121
SHA-256: cba85394b69f60197545a47f598ab8f6572697cccee4216893cacbf1c214fb06
Size: 139.84 kB - device-mapper-multipath-devel-0.8.7-7.el9.1.x86_64.rpm
MD5: 890ccff36a00d1390419b6700bdc6f47
SHA-256: 3e694ca1d316d7b62b24bfcab293f25ff09f84590bdd4f187648a96905860d2f
Size: 23.68 kB - device-mapper-multipath-libs-0.8.7-7.el9.1.x86_64.rpm
MD5: 29713ef84fa0efd523187d976753f6ec
SHA-256: 3529caf39578f8c14943570a8d41ea38730a01f63b44057f664e091eeeaa0044
Size: 263.18 kB - kpartx-0.8.7-7.el9.1.x86_64.rpm
MD5: 38f6fbd2afebebac6183e03cefc482fa
SHA-256: cb6f58c26cd3ac7c3c7a34d83c3261a1463f3216b7d027434a0dce58c98d80bc
Size: 45.45 kB - device-mapper-multipath-devel-0.8.7-7.el9.1.i686.rpm
MD5: 50c4f39502b8d0ff201b42ced922b3f5
SHA-256: 446bcb46d089ef0731184ad1d43f845745c047f85d11de3a5f9a6f707b2f68b4
Size: 23.66 kB - device-mapper-multipath-libs-0.8.7-7.el9.1.i686.rpm
MD5: e0aa9e4ac80786b290793badc76045ac
SHA-256: 7e8b1ff5fce4b1e21a8e79715eed482b929a7d2e689bc6e4ed56fa4ff1da5ec3
Size: 279.99 kB