#VU68723 UNIX symbolic link following in multipath-tools - CVE-2022-41973

Cybersecurity Help s.r.o.

Published: 2022-10-26 | Updated: 2022-10-30

Vulnerability identifier: #VU68723

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-41973

CWE-ID: CWE-61

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
multipath-tools
Other software / Other software solutions

Vendor: christophe.varoqui.free.fr

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.

Successful exploitation of this vulnerability may result in privilege escalation.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

multipath-tools: 0.7.0 - 0.9.1

External links
https://github.com/opensvc/multipath-tools/releases/tag/0.9.2
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2022-41973
https://seclists.org/fulldisclosure/2022/Oct/25

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

Latest bulletins with this vulnerability

Amazon Linux AMI update for device-mapper-multipath

Red Hat Enterprise Linux 8.6 Extended Update Support update for device-mapper-multipath

Multiple vulnerabilities in Juniper Networks Session Smart Router

Gentoo update for multipath-tools

Multiple vulnerabilities in Red Hat OpenShift Container Platform release 4.13

Multiple vulnerabilities in Dell PowerStore Family

Multiple vulnerabilities in Dell Container Storage Modules

Multiple vulnerabilities in Juniper Junos Space

Multiple vulnerabilities in Juniper Networks Contrail Cloud