A New Linux Flaw Lets Attackers Gain Full Root Privilege

Two Vulnerabilities Impact MultipathdThe device-mapper-multipath, when used alone or in conjunction with CVE-2022-41973, enables local users to gain root access. In this case, the access controls can be evaded and the multipath configuration can be changed by local users who have the ability to write to UNIX domain sockets. Linux Flaw Let Attackers Gain Full Root PrivilegeThe newly discovered flaw, tracked as CVE-2022-3328, is a race condition in Snapd, a Canonical-developed tool used for the Snap software packaging and deployment system.