PT-2018-3449 · Corosync+5 · Corosync+5

Adam Mariš

Publicado

2018-03-07

Atualizado

2024-06-15

CVE-2018-1084

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: corosync versions prior to 2.4.4

Description: The issue is caused by an integer overflow in the exec/totemcrypto.c function of the corosync system, which can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations: For versions prior to 2.4.4, update to version 2.4.4 or later to resolve the issue.

Correção

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALT-PU-2019-1350

BDU:2020-01596

CESA-2018_1169

CVE-2018-1084

DSA-4174-1

MGASA-2018-0275

OPENSUSE-SU-2018_1136-1

OPENSUSE-SU-2024:10695-1

RHSA-2018:1169

RHSA-2018_1169

SUSE-SU-2018:1121-1

SUSE-SU-2018:1130-1

SUSE-SU-2018_1121-1

SUSE-SU-2018_1130-1

USN-4000-1

Produtos afetados

Alt Linux

Centos

Red Hat

Suse

Ubuntu

Corosync

PT-2018-3449 · Corosync+5 · Corosync+5

CVE-2018-1084

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 52