Sebastian Alba Vives

Name of the Vulnerable Software and Affected Versions Corosync (affected versions not specified) Description A flaw exists in Corosync where a remote, unauthenticated attacker can exploit a wrong return value vulnerability in the membership commit token sanity check. This is achieved by sending a specially crafted User Datagram Protocol (UDP) packet. Successful exploitation can lead to an out-of-bounds read, resulting in a denial of service (DoS) and potential disclosure of limited memory contents. This vulnerability affects Corosync when operating in totemudp/totemudpu mode, which is the default configuration. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions Corosync (affected versions not specified) Description A flaw exists in Corosync where an integer overflow in the join message sanity validation can be triggered by sending crafted User Datagram Protocol (UDP) packets. This allows a remote, unauthenticated attacker to cause a denial of service by crashing the service. This vulnerability specifically impacts Corosync deployments using totemudp/totemudpu mode. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.