It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-41973) It was discovered that multipath-tools incorrectly handled access controls. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. (CVE-2022-41974)
Continue reading...
Continue reading...