PT-2020-6222 · Pacemaker +7 · Pacemaker +7

Name of the Vulnerable Software and Affected Versions: Pacemaker versions prior to 1.1.24-rc1 Pacemaker versions prior to 2.0.5-rc2 Description: The issue is related to an ACL bypass flaw in Pacemaker, which could allow an attacker with a local account on the cluster and in the haclient group to...

Updated pacemaker packages fix security vulnerabilities

The updated packages fix security vulnerabilities: A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. CVE-2019-3885 A flaw was found in the way pacemaker's client-server authenticatio...

MGASA-2019-0394 Updated pacemaker packages fix security vulnerabilities

The updated packages fix security vulnerabilities: A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. CVE-2019-3885 A flaw was found in the way pacemaker's client-server authenticatio...

NewStart CGSL CORE 5.04 / MAIN 5.04 : pacemaker Multiple Vulnerabilities (NS-SA-2019-0224)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pacemaker packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker coul...

CVE-2011-5271

Pacemaker before 1.1.6 configure script creates temporary files insecurely...

CVE-2011-5271

Pacemaker before 1.1.6 configure script creates temporary files insecurely...

DEBIAN-CVE-2011-5271

Pacemaker before 1.1.6 configure script creates temporary files insecurely...

Code injection

Pacemaker before 1.1.6 configure script creates temporary files insecurely...

CVE-2011-5271

Pacemaker before 1.1.6 configure script creates temporary files insecurely...

CVE-2011-5271

Pacemaker before 1.1.6 configure script creates temporary files insecurely...

CVE-2011-5271

Technical details are not publicly disclosed in the provided documents; no information on affected products, versions, root cause, or fix is included. Monitor for updates.

CVE-2011-5271

Pacemaker before 1.1.6 configure script creates temporary files insecurely...

Amazon Linux 2 : pacemaker (ALAS-2019-1275)

A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. CVE-2018-16878 A use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs. CVE-2019-3885 A flaw was...

Important: pacemaker

Issue Overview: A flaw was found in pacemaker. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS. CVE-2018-16878 A use-after-free flaw was found in pacemaker which could result in certain sensitive information to be leaked via the system logs. CVE-2019-38...

The vulnerability of the Pacemaker resource management software for operating systems based on Ubuntu, Fedora, and OpenSUSE Leap lies in its uncontrolled resource consumption, which allows a malicious actor to cause service interruptions.

The vulnerability of the Pacemaker resource management software for operating systems based on Ubuntu, Fedora, and OpenSUSE Leap involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a hacker to cause service interruptions...

Oracle Linux 8 : pacemaker (ELSA-2019-1279)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1279 advisory. - Improve clients' authentication of IPC servers CVE-2018-16877 - Fix use-after-free with potential information disclosure CVE-2019-3885 - Improve...

pacemaker security and bug fix update

2.0.1-4.3 - New build with fixed test in gating.yaml - Resolves: rhbz1694557 - Resolves: rhbz1695247 - Resolves: rhbz1697264 - Resolves: rhbz1697265 2.0.1-4.2 - New build to apply z-stream tag - Resolves: rhbz1694557 - Resolves: rhbz1695247 - Resolves: rhbz1697264 - Resolves: rhbz1697265 2.0.1-4....

Denial Of Service (DoS)

pacemaker is vulnerable to denial of service attacks. Local unauthenticated user can cause a system hang due to insufficient verification inflicted preference of uncontrolled processes...

Information Disclosure

pacemaker is vulnerable to information disclosure. A use-after-free defect was discovered in pacemaker that can possibly lead to unsolicited information disclosure in the log outputs...

Privilege Escalation

pacemaker is vulnerable to privilege escalation. Insufficient verification of client-side authentication combined with other IPC weaknesses leads to local privilege escalation...