Pacemaker vulnerabilities

2019-04-23T00:00:00
ID USN-3952-1
Type ubuntu
Reporter Ubuntu
Modified 2019-04-23T00:00:00

Description

Jan Pokorný discovered that Pacemaker incorrectly handled client-server authentication. A local attacker could possibly use this issue to escalate privileges. (CVE-2018-16877)

Jan Pokorný discovered that Pacemaker incorrectly handled certain verifications. A local attacker could possibly use this issue to cause a denial of service. (CVE-2018-16878)

Jan Pokorný discovered that Pacemaker incorrectly handled certain memory operations. A local attacker could possibly use this issue to obtain sensitive information in log outputs. This issue only applied to Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04. (CVE-2019-3885)