CVE-2018-1084

Опубликовано: 12 апр. 2018

Источник: debian

Описание

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

Пакет	Статус	Версия исправления	Релиз	Тип
corosync	fixed	2.4.4-1		package
corosync	not-affected		jessie	package
corosync	not-affected		wheezy	package

https://www.openwall.com/lists/oss-security/2018/04/12/2
https://bugzilla.redhat.com/show_bug.cgi?id=1552830
Fixed by: https://github.com/corosync/corosync/commit/fc1d5418533c1faf21616b282c2559bed7d361c4
https://oss.clusterlabs.org/pipermail/users/2018-April/014856.html

CVE-2018-1084

CVSS3: 7.5

ubuntu

больше 7 лет назад

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

CVE-2018-1084

CVSS3: 7.5

redhat

больше 7 лет назад

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

CVE-2018-1084

CVSS3: 7.5

nvd

больше 7 лет назад

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

openSUSE-SU-2018:1136-1

suse-cvrf

больше 7 лет назад

Security update for corosync

SUSE-SU-2018:1130-1

suse-cvrf

больше 7 лет назад

Security update for corosync