RockyLinux 10 : corosync (RLSA-2026:19043)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19043 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via intege...

corosync: Corosync: Denial of Service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

AlmaLinux 10 : corosync (ALSA-2026:13644)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13644 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer...

MiracleLinux 8 : corosync-3.1.8-1.el8_10.1 (AXSA:2026-593:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-593:02 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via...

corosync: Corosync: Denial of Service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

RockyLinux 8 : corosync (RLSA-2026:13657)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13657 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer...

RHEL 8 : corosync (RHSA-2026:14215)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14215 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

Astra Linux - уязвимость в corosync

The vulnerability of the coroparse.c component of the Corosync cluster engine is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

Astra Linux - уязвимость в corosync

The vulnerability of the coroparse.c component of the Corosync cluster engine is related to the use of memory after it is freed. Exploiting this vulnerability allows a perpetrator to cause a service failure...

CVE-2026-35092

Corosync: A vulnerability in the join message sanity validation causes an integer overflow when using totemudp/totemudpu mode. Remote, unauthenticated attackers can send crafted UDP packets to crash the service, resulting in an availability impact (DoS). No remediation details are provided in the...

CVE-2026-35091

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: corosync (UTSA-2026-005515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005515 advisory. Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack- based buffer overflow in orftokenendianconvert in...

TencentOS Server 4: corosync (TSSA-2025:0287)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0287 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

EUVD-2018-11734

Malware in sbrugna...

EUVD-2013-0281

Malware in sbrugna...

RockyLinux 10 : corosync (RLSA-2025:7478)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7478 advisory. corosync: Stack buffer overflow from 'orftokenendianconvert' CVE-2025-30472 Tenable has extracted the preceding description block directly from the RockyLinux...

EUVD-2025-7198

Malicious code in bioql PyPI...

Advisory ROSA-SA-2025-2927

Software: corosync 3.1.9 OS: ROSA-CHROME unaffected versions = corosync-3.1.9-2 affected versions corosync-3.1.9-2 CVE-ID: CVE-2025-30472 BDU-ID: 2025-03217 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the orftokenendianconvert function of the Corosync group communication system for fault-toleran...

Oracle Linux 10 : corosync (ELSA-2025-7478)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7478 advisory. 3.1.9-1.1 - Resolves: RHEL-84612 - totemsrp: Check size of orftoken msg fixes CVE-2025-30472 Tenable has extracted the preceding description block directly fro...

ROS-20250630-06

Vulnerability of orftokenendianconvert function of group communication system for fault-tolerant clusters Corosync is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code or cause a denia...