CVE-2022-41973

Description from NVD

multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.

Information Acquisition Date:2022-11-01T06:45Z

CVSS 2.0: 0.0 None CVSS 3.x: 7.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

NVD References

https://github.com/opensvc/multipath-tools/releases/tag/0.9.2
source:MISC
tags:Release Notes Third Party Advisory

http://www.openwall.com/lists/oss-security/2022/10/24/2
source:MISC
tags:Exploit Mailing List Third Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=1202739
source:MISC
tags:Issue Tracking Third Party Advisory

20221030 Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973)
source:FULLDISC
tags:Exploit Mailing List Third Party Advisory

http://packetstormsecurity.com/files/169611/Leeloo-Multipath-Authorization-Bypass-Symlink-Attack.html
source:MISC
tags:Exploit Mailing List Third Party Advisory

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Linux(4 tweets) Unix(5 tweets) Wordpress(1 tweets) iOS(1 tweets)

List of frequently cited URLs

URL	Num of Times Referred to
https://cvetrends.com	50
https://security.sios.com/vulnerability/multipath-security-...	3
https://securityaffairs.co/wordpress/139209/hacking/three-l...	3

▼ Show Information from Twitter(21)

User	URL	Info Source	Date
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41974	Source threatintelctr 1595061244012249091	2022/11/22
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41973	Source threatintelctr 1595061244163395584	2022/11/22
WolfgangSesin	http://www.sesin.at	Source WolfgangSesin 1596522998806216706	2022/11/27
WolfgangSesin	https://www.sesin.at/2022/11/26/cve-2022-41973-multipath-to...	Source WolfgangSesin 1596522998806216706	2022/11/27
www_sesin_at	http://www.sesin.at	Source www_sesin_at 1596523000894980101	2022/11/27
www_sesin_at	https://www.sesin.at/2022/11/26/cve-2022-41973-multipath-to...	Source www_sesin_at 1596523000894980101	2022/11/27
takasugi_mbsjk	http://security.sios.com	Source takasugi_mbsjk 1598090818510032897	2022/12/01
takasugi_mbsjk	https://security.sios.com/vulnerability/multipath-security-...	Source takasugi_mbsjk 1598090818510032897	2022/12/01
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41973	Source threatintelctr 1598126442042236929	2022/12/01
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41974	Source threatintelctr 1598126442054926338	2022/12/01
Sujeet	https://securityaffairs.co/wordpress/139209/hacking/three-l...	Source Sujeet 1599215588395876352	2022/12/04
SOC_Prime	https://socprime.com/rs/search-result?search=CVE-2022-3328	Source SOC_Prime 1599752445743140865	2022/12/05
SOC_Prime	https://twitter.com/SOC_Prime/status/1599752445743140865/ph...	Source SOC_Prime 1599752445743140865	2022/12/05
SOC_Prime	https://socprime.com/blog/cve-2022-41974-cve-2022-41973-cve...	Source SOC_Prime 1599809949663518721	2022/12/06
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41974	Source threatintelctr 1601085974133362689	2022/12/09
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41973	Source threatintelctr 1601085974179500032	2022/12/09
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41973	Source threatintelctr 1601093519216705536	2022/12/09
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41974	Source threatintelctr 1601093519296299009	2022/12/09
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41973	Source threatintelctr 1601267138739724290	2022/12/10
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41973	Source threatintelctr 1608454502117507072	2022/12/29
threatintelctr	https://nvd.nist.gov/vuln/detail/CVE-2022-41974	Source threatintelctr 1608454502121705479	2022/12/29

List of frequently cited URLs

URL	Num of Times Referred to
cvetrends.com	50
security.sios.com	3
securityaffairs.co	3

▼ Show Information from Twitter(21)

User	URL	Info Source
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
WolfgangSesin	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
www_sesin_at	sesin.at	Show Tweet
takasugi_mbsjk	security.sios.com	Show Tweet
takasugi_mbsjk	security.sios.com	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
Sujeet	securityaffairs.co	Show Tweet
SOC_Prime	socprime.com	Show Tweet
SOC_Prime	twitter.com	Show Tweet
SOC_Prime	socprime.com	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet
threatintelctr	nvd.nist.gov	Show Tweet

GitHub Search Results: Up to 10

Name	URL
No Data

GitHub Search Results: Up to 10

Name	URL
No Data

2022/12/29 Score : 0
Added Har-sia Database : 2022/10/25
Last Modified : 2022/12/29
Highest Scored Date : 2022/10/30
Highest Score : 23