Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Device Mapper Device Mapper多路径驱动程序权限许可和访问控制漏洞
Vulnerability Description
Device Mapper multipath-tools软件包是提供工具来管理发出指示设备映射多路径内核模块多路设备,通过建立和删除的设备的分区来实现设备映射。 当在SUSE openSUSE,SUSE Linux Enterprise Server(SLES),Fedora和其他操作系统中使用时,Device Mapper多路径驱动程序0.4.8版本为套接字文件(又称/var/run/multipathd.sock)使用全局可写权限。本地用户可利用此漏洞发送任意指令到多路径后台程序。
CVSS Information
N/A
Vulnerability Type
N/A