Pacemaker vulnerabilities

2017-10-24T00:00:00
ID USN-3462-1
Type ubuntu
Reporter Ubuntu
Modified 2017-10-24T00:00:00

Description

Jan Pokorný and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. (CVE-2016-7035)

Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker could possibly use this issue to shut down connections, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7797)