Read Time:12 Second
The Qualys Research Labs reported an authorization bypass
(CVE-2022-41974)
and a symlink attack
(CVE-2022-41973)
in multipath-tools, a set of tools to drive the Device Mapper multipathing
driver, which may result in local privilege escalation.