A critical vulnerability has been found in device-mapper-multipath which may allow authorization bypass
Details on this can be found here: https://www.qualys.com/2022/10/24/leeloo-multipath/leeloo-multipath.txt
The vulnerability only affects hosts that are running multipathd services and allow users to run their own code (shared login services or worker nodes).
The SVG advisory is available on this link: https://advisories.egi.eu/Advisory-SVG-CVE-2022-41974
Recent Comments