
<!doctype html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>ALAS2023-2023-126</title>
        <link rel='icon' type='image/x-icon' href='../static/favicon.ico' />
<link rel="stylesheet" href="../static/bootstrap.min.css" type='text/css' media='print, projection, screen' >
<link rel='stylesheet' href='../static/blue_style.css' type='text/css' media='print, projection, screen' />
<link rel='stylesheet' href='../static/fontawesome.css' type='text/css' media='print, projection, screen' />
<link rel='stylesheet' href='../static/style.css' type='text/css' media='print, projection, screen' />
<script type='text/javascript' src='../static/jquery.min.js'></script>
<script type='text/javascript' src='../static/jquery.tablesorter.min.js'></script>
<script type="text/javascript" src="../static/index.js"></script>

<!--Add constant cookie banner on this page-->
<script type = 'text/javascript'>
    var shortbread = AWSCShortbread();
    shortbread.checkForCookieConsent();
    function customize() {
        shortbread.customizeCookies();
    }
</script>

<style>
    a{text-decoration: none; color: #0073BB}
    a:visited{color: #0073BB}
    .Site {
        display: flex;
        display: -webkit-flex; /* Safari */
        min-height: 100vh;
        flex-direction: column;
    }
    .Site-content {
        flex: 1;
    }
</style>
    </head>
    <body class="Site">
        <main class="Site-content">
            <div class="container">
                <nav class="navbar navbar-fixed-top navbar-inverse" style="background-color: #000000" id="bs-navbar">
    <a style="font-size: 20px; color: #FF9900" class="navbar-brand" href="/"><b>Amazon Linux Security Center</b></a>
    <ul class="nav navbar-nav navbar-right" style="color: #ff9900">
    <li style="background-color: #333333;"> <a style="color: #FFFFFF" href="/">Amazon Linux</a> </li><li style="background-color: #333333;"> <a style="color: #FFFFFF" href="/alas2.html">Amazon Linux 2</a> </li><li style="background-color: #FF9900;"> <a style="color: #000000" href="/alas2023.html">Amazon Linux 2023</a> </li><li style="background-color: #333333;"> <a style="color: #FFFFFF" href="/announcements.html">Announcements</a> </li><li style="background-color: #333333;"> <a style="color: #FFFFFF" href="/faqs.html">FAQs</a> </li>
    </ul>
</nav>
            </div>
            <div style='min-height: 523px; margin-top:80px;' class='nine columns content-with-nav' role='main'>
                <section>
                    <div class='title'>
                        <h1 id='ALAS2023-2023-126'>ALAS2023-2023-126</h1>
                    </div>

                    <div class='text'>
                        <hr class='mid-pad'>
                        <span class='alas-info'>

                            <b>Amazon Linux 2023 Security Advisory:</b> ALAS-2023-126

                        </span><br />
                        <span class='alas-info'><b>Advisory Release Date:</b> 2023-03-07 00:29 Pacific</span><br />
                        <span class='alas-info'><b>Advisory Updated Date:</b> 2023-03-08 00:51 Pacific</span><br />

                        <div id='severity' class='alas-info'>
                            <b>Severity:</b>
                            <span class='date'>
                                <span class='bulletin-type'>
                                    <i class='fas fa-exclamation-triangle'></i>
                                </span>
                            </span>
                            Important<br />
                        </div>

                        <div id='references'>
                            <b>References:</b>
                            <a href='/cve/html/CVE-2022-3787.html' target='_blank' rel='noopener noreferrer'>CVE-2022-3787&nbsp;<i class="fas fa-external-link-alt"></i></a>
                            <a href='/cve/html/CVE-2022-41973.html' target='_blank' rel='noopener noreferrer'>CVE-2022-41973&nbsp;<i class="fas fa-external-link-alt"></i></a>
                            <a href='/cve/html/CVE-2022-41974.html' target='_blank' rel='noopener noreferrer'>CVE-2022-41974&nbsp;<i class="fas fa-external-link-alt"></i></a>
                            <br />
                            <a href="../../faqs.html">FAQs regarding Amazon Linux ALAS/CVE Severity</a>
                        </div>

                        <hr class='mid-pad'>
                        <div id='issue_overview'>
                            <b>Issue Overview:</b>
                            <p>A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This issue occurs because an attacker can repeat a keyword, which is mishandled when arithmetic ADD is used instead of bitwise OR. This could lead to local privilege escalation to root. (CVE-2022-3787)</p><p>A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, in conjunction with CVE-2022-41974. Local users that are able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which may lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root. (CVE-2022-41973)</p><p>multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR. (CVE-2022-41974)</p>
                        </div>

                        <div id='affected_packages' class='alas-info'>
                            <br />
                            <b>Affected Packages:</b>
                            <br />
                            <p>device-mapper-multipath</p>
                        </div>

                        <div id='issue_correction'>
                            <br />
                            <b>Issue Correction:</b>
                            <br />Run <i>dnf update device-mapper-multipath --releasever=2023.0.20230308</i> to update your system.
                                <br /></div>
                        <br />
                        <div id='new_packages'>
                            <b>New Packages:</b><pre>aarch64:<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-debuginfo-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; kpartx-debuginfo-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-debugsource-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; libdmmp-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; libdmmp-devel-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; libdmmp-debuginfo-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-devel-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; kpartx-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-libs-debuginfo-0.8.7-16.amzn2023.0.1.aarch64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-libs-0.8.7-16.amzn2023.0.1.aarch64<br /><br />i686:<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-debuginfo-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-libs-debuginfo-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-libs-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-debugsource-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; kpartx-debuginfo-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; libdmmp-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; kpartx-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; libdmmp-debuginfo-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; libdmmp-devel-0.8.7-16.amzn2023.0.1.i686<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-devel-0.8.7-16.amzn2023.0.1.i686<br /><br />src:<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-0.8.7-16.amzn2023.0.1.src<br /><br />x86_64:<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-libs-debuginfo-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; kpartx-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-debugsource-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; libdmmp-debuginfo-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; libdmmp-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; kpartx-debuginfo-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-devel-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; libdmmp-devel-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-debuginfo-0.8.7-16.amzn2023.0.1.x86_64<br />&nbsp;&nbsp;&nbsp; device-mapper-multipath-libs-0.8.7-16.amzn2023.0.1.x86_64<br /><br /></pre></div>
                    </div>
                    <div style="flex:1; margin-bottom: 40px;" class="links-container">
                        <h3 class="section-heading">Additional References</h3>
                        <p>
                            Red Hat:&nbsp;<a style="margin-bottom: 40px;" href="https://access.redhat.com/security/cve/CVE-2022-3787" target="_blank" rel="noopener noreferrer">CVE-2022-3787</a>,
                            <a style="margin-bottom: 40px;" href="https://access.redhat.com/security/cve/CVE-2022-41973" target="_blank" rel="noopener noreferrer">CVE-2022-41973</a>,
                            <a style="margin-bottom: 40px;" href="https://access.redhat.com/security/cve/CVE-2022-41974" target="_blank" rel="noopener noreferrer">CVE-2022-41974</a></p>
                        <p>
                            Mitre:&nbsp;<a style="margin-bottom: 40px;" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3787" target="_blank" rel="noopener noreferrer">CVE-2022-3787</a>,
                            <a style="margin-bottom: 40px;" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41973" target="_blank" rel="noopener noreferrer">CVE-2022-41973</a>,
                            <a style="margin-bottom: 40px;" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41974" target="_blank" rel="noopener noreferrer">CVE-2022-41974</a></p>
                    </div>
                </section>
            </div>
        </main>
        <footer style="padding-left: 30px; padding-right: 30px;"><p style="color: #687078">
      CVE description copyright &#169 2023
      <a href="https://cve.mitre.org/about/termsofuse.html" target="_blank" rel="noopener noreferrer">The MITRE Corporation</a>
    </p>
    <p style="color: #687078">
      CVE description copyright &#169 2023 Red Hat, Inc. Per
      <a href="https://access.redhat.com/security/data" target="_blank" rel="noopener noreferrer">https://access.redhat.com/security/data</a>,
      RedHat's CVE report is licensed under
      <a href="https://creativecommons.org/licenses/by/4.0/" target="_blank" rel="noopener noreferrer">CC BY 4.0</a>.
    </p>
</footer>
        <footer style="padding-left: 30px; padding-right: 30px;"><p>
        <a href="https://aws.amazon.com/privacy/" target="_blank" rel="noopener noreferrer">Privacy</a> |
        <a href="https://aws.amazon.com/terms/" target="_blank" rel="noopener noreferrer">Site terms</a> |
        <a href="#" onclick="customize()">Cookie preferences</a> |
        <span style="color: #687078">&#169 2023, Amazon Web Services, Inc. or its affiliates. All rights reserved.</span>
    </p>
</footer>
    </body>
</html>
