UNKNOWN CVE-2026-35092

Corosync: denial of service via integer overflow in join message validation

Platform: linux

Component: corosync

A flaw was found in Corosync. An integer overflow in Corosync's join message sanity validation allows a remote, unauthenticated attacker to crash the service by sending crafted User Datagram Protocol (UDP) packets, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode.

How to fix

Update Corosync to the latest available version provided by Red Hat. Make sure the Corosync configuration does not use the totemudp/totemudpu modes until the update is applied.
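One way to check which transport a node is configured for, as an added example that is not part of the advisory or of Corosync itself. It assumes the `transport` key in the `totem` section of `corosync.conf` selects the mode, with the values `udp` and `udpu` corresponding to totemudp and totemudpu; the sample configurations are constructed.

```python
import re
import sys

# Assumption: these totem.transport values select totemudp / totemudpu.
UDP_MODES = {"udp", "udpu"}

def totem_transport(conf_text):
    """Return totem.transport from corosync.conf text, or None if it is not set."""
    stack, transport = [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):      # blank line or comment
            continue
        opened = re.fullmatch(r"([\w.-]+)\s*\{", line)
        if opened:                                # "name {" opens a section
            stack.append(opened.group(1).lower())
        elif line == "}":                         # "}" closes the current section
            if stack:
                stack.pop()
        elif stack == ["totem"] and ":" in line:  # keys directly inside totem only
            key, value = (part.strip() for part in line.split(":", 1))
            if key.lower() == "transport":
                transport = value.lower()
    return transport

def classify(conf_text):
    """'udp-mode': mode named in the advisory; 'other': another explicit transport;
    'unset': no transport key, so the installed version's default applies."""
    transport = totem_transport(conf_text)
    if transport is None:
        return "unset"
    return "udp-mode" if transport in UDP_MODES else "other"

# Constructed sample configurations (not taken from a real cluster).
SAMPLE_UDPU = """totem {
    version: 2
    # transport: knet
    transport: udpu
    interface {
        bindnetaddr: 192.0.2.0
    }
}
"""
SAMPLE_KNET = "totem {\n    version: 2\n    transport: knet\n}\n"
SAMPLE_UNSET = "totem {\n    version: 2\n}\n"

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/corosync/corosync.conf"
    with open(path, encoding="utf-8") as handle:
        print(path, classify(handle.read()))
```

A result of `unset` means the built-in default transport is in use; that default depends on the installed Corosync version, so confirm it in that version's corosync.conf(5).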
