
CVE-2018-1084

Published: 12/04/2018 Updated: 31/01/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

Vulnerable Product

corosync corosync

debian debian linux 9.0

redhat enterprise linux server 7.0

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

Vendor Advisories

Synopsis: Important: corosync security update. Type/Severity: Security Advisory: Important. Topic: An update for corosync is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base scor ...
Debian Bug report logs - #895653 corosync: CVE-2018-1084: Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3() function. Package: src:corosync; Maintainer for src:corosync is Debian HA Maintainers <debian-ha-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, ...
Corosync could be made to crash or execute arbitrary code if it received a specially crafted request ...
The Citrix Security Response Team discovered that corosync, a cluster engine implementation, allowed an unauthenticated user to cause a denial-of-service by application crash. For the stable distribution (stretch), this problem has been fixed in version 2.4.2-3+deb9u1. We recommend that you upgrade your corosync packages. For the detailed security ...
Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3() function. An integer overflow leading to an out-of-bound read was found in authenticate_nss_2_3() in Corosync. An attacker could craft a malicious packet that would lead to a denial of service (CVE-2018-1084) ...
An integer overflow leading to an out-of-bound read was found in authenticate_nss_2_3() in Corosync. An attacker could craft a malicious packet that would lead to a denial of service ...