Date: Thu, 12 Apr 2018 14:16:48 +0200 From: Raphael Sanchez Prudencio <rasanche@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE-2018-1084 corosync: Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3() function Description =========== An integer overflow leading to an out-of-bound read was found in authenticate_nss_2_3() in Corosync. An attacker could craft a malicious packet that would lead to a denial of service. Affected versions ================= All versions of Corosync from 2.0.0 to 2.4.3 are vulnerable. Patched versions ================ Corosync 2.4.4 includes the patch that fixes this vulnerability. Credits ======= This issue was discovered by Citrix Security Response Team. Reference ========== https://github.com/corosync/corosync/commit/fc1d5418533c1faf21616b282c2559bed7d361c4 https://bugzilla.redhat.com/show_bug.cgi?id=1552830 -- Raphael Sanchez Prudencio Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.