Note:
This project will be discontinued after December 13, 2021. [more]
2018-04-12
corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.
Products | Ubuntu_linux, Corosync, Debian_linux, Enterprise_linux_server |
Type | Integer Overflow or Wraparound (CWE-190) |
First patch | - None (likely due to unavailable code) |
Links |
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1084
• https://access.redhat.com/errata/RHSA-2018:1169 • https://www.debian.org/security/2018/dsa-4174 • http://www.securityfocus.com/bid/103758 • https://usn.ubuntu.com/4000-1/ |