ALSA-2023:2459

[ALSA-2023:2459] Moderate: device-mapper-multipath security and bug fix update

Type:

security

Severity:

moderate

Release date:

2023-05-12

Description:

The device-mapper-multipath packages provide tools that use the device-mapper multipath kernel module to manage multipath devices.

Security Fix(es):

* device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack (CVE-2022-41973)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	device-mapper-multipath-0.8.7-20.el9.aarch64.rpm	6a4eb60dcb5b04301d9bee54f1a4ae5c4f6eb934ff858c998c2b3b881def0cdc
aarch64	kpartx-0.8.7-20.el9.aarch64.rpm	77fe0cc67214ed2aef54b0aff640a872e5bd610c5cb5aaf610b2eccf64aa7971
aarch64	device-mapper-multipath-libs-0.8.7-20.el9.aarch64.rpm	89f3b65a2aacf7c0bfe93913ce754381afc0d3976d6d4e173cd3e2d626fb2355
aarch64	device-mapper-multipath-devel-0.8.7-20.el9.aarch64.rpm	dd4a2d670b81cffffcd0d4ae26a724e0d25595390cff4d6a0cfa2a66ec93611d
i686	device-mapper-multipath-devel-0.8.7-20.el9.i686.rpm	9d047a0f6dc7717112ff360675196f972915c3b7a8bc2581800eb14d91a4973e
i686	device-mapper-multipath-libs-0.8.7-20.el9.i686.rpm	d54577de025b30eafef80740830d88cb70174ade9eb884ea1b21a0a3b6156469
ppc64le	device-mapper-multipath-devel-0.8.7-20.el9.ppc64le.rpm	1a48b14901692425364db8af8003e1bd28325cf635395e82dcdd4c7198ecec23
ppc64le	device-mapper-multipath-0.8.7-20.el9.ppc64le.rpm	4c494e5db30fb35c9b4d6806105862f232a9b995c56047f5bc01bfa85ab3fedb
ppc64le	kpartx-0.8.7-20.el9.ppc64le.rpm	60bb3c7b3f712f0903a845b4c62ad704b51c67e96e0baec05aeaecb042975771
ppc64le	device-mapper-multipath-libs-0.8.7-20.el9.ppc64le.rpm	65eb5fdac9100133a7eec511ad6d930fcba76545cb851c3d0fc4cb04880481b1
s390x	device-mapper-multipath-0.8.7-20.el9.s390x.rpm	4912f28110a2d4a4b5cf126f7467e11e707d60bb1d7db390d7123b3829bfa3da
s390x	device-mapper-multipath-devel-0.8.7-20.el9.s390x.rpm	540c9f790a4f798fbe4bc5ab181bd865dc6b640eda1e15198070650082adf0b5
s390x	kpartx-0.8.7-20.el9.s390x.rpm	8f6f4b64d5c37980f620916056cbf26a8887b5c1f3765b630c40c934fc0e9611
s390x	device-mapper-multipath-libs-0.8.7-20.el9.s390x.rpm	f8d10caa30eb69e6ff51e45af5e01ea01a5a91170c6556c4dc225a0b11667f7f
x86_64	device-mapper-multipath-devel-0.8.7-20.el9.x86_64.rpm	2d7f402ad2cc0bfe0faeefb4ad28f638c05dfe1a01e224c527d2a98ea40dad77
x86_64	kpartx-0.8.7-20.el9.x86_64.rpm	898235e1c73541fc538e7027c49b43469d6e8304c1d9538b092ba540c3c3d674
x86_64	device-mapper-multipath-0.8.7-20.el9.x86_64.rpm	c5ebfd572718ebf5a7b4e5a2e17bb032e69e5fe29a107ae452f94a0971f5634f
x86_64	device-mapper-multipath-libs-0.8.7-20.el9.x86_64.rpm	d78f3e0cf4157387bf02276215732a0dbc60796d32d0a408ff28f8ac3594a0d1

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.