Date: Thu, 12 Apr 2018 14:16:48 +0200 From: Raphael Sanchez Prudencio <rasanche@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2018-1084 corosync: Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3() function Description =========== An integer overflow leading to an out-of-bound read was found in authenticate_nss_2_3() in Corosync. An attacker could craft a malicious packet that would lead to a denial of service. Affected versions ================= All versions of Corosync from 2.0.0 to 2.4.3 are vulnerable. Patched versions ================ Corosync 2.4.4 includes the patch that fixes this vulnerability. Credits ======= This issue was discovered by Citrix Security Response Team. Reference ========== https://github.com/corosync/corosync/commit/fc1d5418533c1faf21616b282c2559bed7d361c4 https://bugzilla.redhat.com/show_bug.cgi?id=1552830 -- Raphael Sanchez Prudencio Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ