7.5

CVE-2026-35092

Exploit

Corosync: corosync: denial of service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CorosyncCorosync Version-
RedhatOpenshift Version4.0
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.99% 0.581
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
secalert@redhat.com 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://bugzilla.redhat.com/show_bug.cgi?id=2453169
Third Party Advisory
Exploit
https://access.redhat.com/security/cve/CVE-2026-35092
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=2453814
Third Party Advisory
Issue Tracking
https://access.redhat.com/errata/RHSA-2026:13644
https://access.redhat.com/errata/RHSA-2026:13657
https://access.redhat.com/errata/RHSA-2026:13673
https://access.redhat.com/errata/RHSA-2026:14205
https://access.redhat.com/errata/RHSA-2026:14212
https://access.redhat.com/errata/RHSA-2026:14213
https://access.redhat.com/errata/RHSA-2026:14214
https://access.redhat.com/errata/RHSA-2026:14215
https://access.redhat.com/errata/RHSA-2026:14216
https://access.redhat.com/errata/RHSA-2026:14210
https://access.redhat.com/errata/RHSA-2026:14211
https://access.redhat.com/errata/RHSA-2026:19043
https://access.redhat.com/errata/RHSA-2026:19200
https://access.redhat.com/errata/RHSA-2026:20916