#VU11994 Integer overflow in corosync - CVE-2018-1084

Cybersecurity Help s.r.o.

Published: 2018-04-19

Vulnerability identifier: #VU11994

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-1084

CWE-ID: CWE-190

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
corosync
Server applications / Frameworks for developing and running applications

Vendor: corosync

Description
The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in exec/totemcrypto.c due to integer overflow. A remote attacker can cause the service to crash.

Mitigation
Update to version 2.4.4.

Vulnerable software versions

corosync: 2.4.3

External links
https://github.com/corosync/corosync/commit/fc1d5418533c1faf21616b282c2559bed7d361c4

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for corosync

Ubuntu update for Corosync

OpenSUSE Linux update for corosync

SUSE Linux update for corosync

Debian update for corosync

Red Hat Enterprise Linux 7 update for corosync

Fedora 28 update for corosync

Fedora 26 update for corosync

Fedora 27 update for corosync