HIGH | CVE-2026-35091 | CNA: redhat

CVE-2026-35091: Corosync: denial of service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents.

Metrics

CVSS v3.1: 8.2
Severity: HIGH
Fixed in: 0:2.4.5-7.el7_9.3
Affected Products: 19

Fix available

0:2.4.5-7.el7_9.3, 0:3.1.0-3.el8_4.2, 0:3.1.5-2.el8_6.1, 0:3.1.5-3.el9_0.1, 0:3.1.7-1.el8_8.1, 0:3.1.7-1.el9_2.1, 0:3.1.8-1.el8_10.1, 0:3.1.8-1.el9_4.1, 0:3.1.9-1.el10_0.2, 0:3.1.9-2.el10_1.1, 0:3.1.9-2.el9_6.1, 0:3.1.9-2.el9_7.1, 0:3.1.10-1.el10_2.1, 0:3.1.10-1.el9_8.1

Affected packages
  • Red Hat / Red Hat Enterprise Linux 10
    Fixed in 0:3.1.9-2.el10_1.1
  • Red Hat / Red Hat Enterprise Linux 10
    Fixed in 0:3.1.10-1.el10_2.1
  • Red Hat / Red Hat Enterprise Linux 10.0 Extended Update Support
    Fixed in 0:3.1.9-1.el10_0.2
  • Red Hat / Red Hat Enterprise Linux 7 Extended Lifecycle Support
    Fixed in 0:2.4.5-7.el7_9.3
  • Red Hat / Red Hat Enterprise Linux 8
    Fixed in 0:3.1.8-1.el8_10.1
  • Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
    Fixed in 0:3.1.0-3.el8_4.2
  • Red Hat / Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
    Fixed in 0:3.1.0-3.el8_4.2
  • Red Hat / Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
    Fixed in 0:3.1.5-2.el8_6.1
  • Red Hat / Red Hat Enterprise Linux 8.6 Telecommunications Update Service
    Fixed in 0:3.1.5-2.el8_6.1
  • Red Hat / Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
    Fixed in 0:3.1.5-2.el8_6.1
  • Red Hat / Red Hat Enterprise Linux 8.8 Telecommunications Update Service
    Fixed in 0:3.1.7-1.el8_8.1
  • Red Hat / Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
    Fixed in 0:3.1.7-1.el8_8.1
  • Red Hat / Red Hat Enterprise Linux 9
    Fixed in 0:3.1.9-2.el9_7.1
  • Red Hat / Red Hat Enterprise Linux 9
    Fixed in 0:3.1.10-1.el9_8.1
  • Red Hat / Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
    Fixed in 0:3.1.5-3.el9_0.1
  • Red Hat / Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
    Fixed in 0:3.1.7-1.el9_2.1
  • Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
    Fixed in 0:3.1.8-1.el9_4.1
  • Red Hat / Red Hat Enterprise Linux 9.6 Extended Update Support
    Fixed in 0:3.1.9-2.el9_6.1
  • Red Hat / Red Hat OpenShift Container Platform 4
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H