Vulnerability-Lookup

WID-SEC-W-2026-1358

Vulnerability from csaf_certbund - Published: 2026-05-04 22:00 - Updated: 2026-05-31 22:00

Summary

Red Hat Enterprise Linux (corosync): Mehrere Schwachstellen ermöglichen Denial of Service

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff: Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux (corosync) ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme: - Linux - UNIX

CVE-2026-35091

Affected products

Known affected 5 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux <10 Red Hat / Enterprise Linux		<10

CVE-2026-35092

Affected products

Known affected 5 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux <10 Red Hat / Enterprise Linux		<10

References

26 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2026:13644	external
https://access.redhat.com/security/cve/cve-2026-35091	external
https://access.redhat.com/security/cve/cve-2026-35092	external
https://access.redhat.com/errata/RHSA-2026:13657	external
https://errata.build.resf.org/RLSA-2026:13657	external
https://errata.build.resf.org/RLSA-2026:13673	external
https://access.redhat.com/errata/RHSA-2026:14212	external
https://access.redhat.com/errata/RHSA-2026:14216	external
https://access.redhat.com/errata/RHSA-2026:14211	external
https://access.redhat.com/errata/RHSA-2026:14215	external
https://access.redhat.com/errata/RHSA-2026:14214	external
https://access.redhat.com/errata/RHSA-2026:14205	external
https://errata.build.resf.org/RLSA-2026:13644	external
https://access.redhat.com/errata/RHSA-2026:14213	external
https://access.redhat.com/errata/RHSA-2026:14210	external
https://linux.oracle.com/errata/ELSA-2026-13673.html	external
https://lists.debian.org/debian-security-announce…	external
https://linux.oracle.com/errata/ELSA-2026-13657.html	external
https://linux.oracle.com/errata/ELSA-2026-13644.html	external
https://access.redhat.com/errata/RHSA-2026:19043	external
https://access.redhat.com/errata/RHSA-2026:19200	external
https://access.redhat.com/errata/RHSA-2026:20916	external
https://errata.build.resf.org/RLSA-2026:19200	external
https://lists.debian.org/debian-lts-announce/2026…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux (corosync) ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1358 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1358.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1358 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1358"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13644 vom 2026-05-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:13644"
      },
      {
        "category": "external",
        "summary": "RedHat Customer Portal vom 2026-05-04",
        "url": "https://access.redhat.com/security/cve/cve-2026-35091"
      },
      {
        "category": "external",
        "summary": "RedHat Customer Portal vom 2026-05-04",
        "url": "https://access.redhat.com/security/cve/cve-2026-35092"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13657 vom 2026-05-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:13657"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13657 vom 2026-05-06",
        "url": "https://errata.build.resf.org/RLSA-2026:13657"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13673 vom 2026-05-06",
        "url": "https://errata.build.resf.org/RLSA-2026:13673"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14212 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14212"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14216 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14216"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14211 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14211"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14215 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14215"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14214 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14214"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14205 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14205"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:13644 vom 2026-05-06",
        "url": "https://errata.build.resf.org/RLSA-2026:13644"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14213 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14213"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14210 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14210"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13673 vom 2026-05-07",
        "url": "https://linux.oracle.com/errata/ELSA-2026-13673.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6261 vom 2026-05-10",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00172.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13657 vom 2026-05-11",
        "url": "https://linux.oracle.com/errata/ELSA-2026-13657.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-13644 vom 2026-05-11",
        "url": "https://linux.oracle.com/errata/ELSA-2026-13644.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19043 vom 2026-05-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:19043"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19200 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:19200"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:20916 vom 2026-05-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:20916"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:19200 vom 2026-05-28",
        "url": "https://errata.build.resf.org/RLSA-2026:19200"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4608 vom 2026-05-30",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00053.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux (corosync): Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2026-05-31T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-01T07:25:34.656+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-1358",
      "initial_release_date": "2026-05-04T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-05-04T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-05-05T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-05-06T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-05-07T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2026-05-10T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2026-05-11T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2026-05-19T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-26T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-28T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2026-05-31T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Debian aufgenommen"
        }
      ],
      "status": "final",
      "version": "10"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10",
                "product": {
                  "name": "Red Hat Enterprise Linux \u003c10",
                  "product_id": "T053533"
                }
              },
              {
                "category": "product_version",
                "name": "10",
                "product": {
                  "name": "Red Hat Enterprise Linux 10",
                  "product_id": "T053533-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-35091",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T004914",
          "T032255",
          "T053533"
        ]
      },
      "release_date": "2026-05-04T22:00:00.000+00:00",
      "title": "CVE-2026-35091"
    },
    {
      "cve": "CVE-2026-35092",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T004914",
          "T032255",
          "T053533"
        ]
      },
      "release_date": "2026-05-04T22:00:00.000+00:00",
      "title": "CVE-2026-35092"
    }
  ]
}

CVE-2026-35091 (GCVE-0-2026-35091)

Vulnerability from cvelistv5 – Published: 2026-04-01 13:18 – Updated: 2026-05-29 16:21

Title

Corosync: corosync: denial of service and information disclosure via crafted udp packet

Summary

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-253 - Incorrect Check of Function Return Value

Assigner

redhat

References

17 references

URL	Tags
https://access.redhat.com/errata/RHSA-2026:13644	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:13657	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:13673	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14205	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14210	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14211	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14212	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14213	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14214	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14215	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14216	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:19043	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:19200	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:20916	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2026-35091	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2453169
https://bugzilla.redhat.com/show_bug.cgi?id=2453813	issue-trackingx_refsource_REDHAT

Impacted products

19 products

Vendor	Product	Version
Red Hat	Red Hat Enterprise Linux 10	Unaffected: 0:3.1.9-2.el10_1.1 , < * (rpm) cpe:/o:redhat:enterprise_linux:10.1
Red Hat	Red Hat Enterprise Linux 10	Unaffected: 0:3.1.10-1.el10_2.1 , < * (rpm) cpe:/o:redhat:enterprise_linux:10.2
Red Hat	Red Hat Enterprise Linux 10.0 Extended Update Support	Unaffected: 0:3.1.9-1.el10_0.2 , < * (rpm) cpe:/o:redhat:enterprise_linux_eus:10.0
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:2.4.5-7.el7_9.3 , < * (rpm) cpe:/o:redhat:enterprise_linux:7::server
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:3.1.8-1.el8_10.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::highavailability cpe:/a:redhat:enterprise_linux:8::resilientstorage
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:3.1.0-3.el8_4.2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::highavailability cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:3.1.0-3.el8_4.2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::highavailability cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:3.1.5-2.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::highavailability cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::highavailability
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:3.1.5-2.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::highavailability cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::highavailability
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:3.1.5-2.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::highavailability cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::highavailability
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:3.1.7-1.el8_8.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::highavailability cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::highavailability
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:3.1.7-1.el8_8.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::highavailability cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::highavailability
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:3.1.9-2.el9_7.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::highavailability cpe:/a:redhat:enterprise_linux:9::resilientstorage
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:3.1.10-1.el9_8.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::highavailability cpe:/a:redhat:enterprise_linux:9::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:3.1.5-3.el9_0.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/a:redhat:rhel_e4s:9.0::highavailability cpe:/a:redhat:rhel_e4s:9.0::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:3.1.7-1.el9_2.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/a:redhat:rhel_e4s:9.2::highavailability cpe:/a:redhat:rhel_e4s:9.2::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:3.1.8-1.el9_4.1 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::highavailability cpe:/a:redhat:rhel_eus:9.4::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.6 Extended Update Support	Unaffected: 0:3.1.9-2.el9_6.1 , < * (rpm) cpe:/a:redhat:rhel_eus:9.6::appstream cpe:/a:redhat:rhel_eus:9.6::crb cpe:/a:redhat:rhel_eus:9.6::highavailability cpe:/a:redhat:rhel_eus:9.6::resilientstorage
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4

Date Public

2026-04-01 11:48

Credits

Red Hat would like to thank Sebastián Alba Vives for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-35091",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-01T20:28:59.762709Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-01T20:29:55.615Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.1"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-2.el10_1.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.2"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.10-1.el10_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux_eus:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 10.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-1.el10_0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.5-7.el7_9.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::highavailability",
            "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.8-1.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::highavailability",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.0-3.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::highavailability",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.0-3.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-2.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-2.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-2.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::highavailability",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.7-1.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::highavailability",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.7-1.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::highavailability",
            "cpe:/a:redhat:enterprise_linux:9::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-2.el9_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::highavailability",
            "cpe:/a:redhat:enterprise_linux:9::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.10-1.el9_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/a:redhat:rhel_e4s:9.0::highavailability",
            "cpe:/a:redhat:rhel_e4s:9.0::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-3.el9_0.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/a:redhat:rhel_e4s:9.2::highavailability",
            "cpe:/a:redhat:rhel_e4s:9.2::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.7-1.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::highavailability",
            "cpe:/a:redhat:rhel_eus:9.4::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.8-1.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.6::appstream",
            "cpe:/a:redhat:rhel_eus:9.6::crb",
            "cpe:/a:redhat:rhel_eus:9.6::highavailability",
            "cpe:/a:redhat:rhel_eus:9.6::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-2.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Sebasti\u00e1n Alba Vives for reporting this issue."
        }
      ],
      "datePublic": "2026-04-01T11:48:13.254Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-253",
              "description": "Incorrect Check of Function Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-29T16:21:39.121Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2026:13644",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:13644"
        },
        {
          "name": "RHSA-2026:13657",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:13657"
        },
        {
          "name": "RHSA-2026:13673",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:13673"
        },
        {
          "name": "RHSA-2026:14205",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14205"
        },
        {
          "name": "RHSA-2026:14210",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14210"
        },
        {
          "name": "RHSA-2026:14211",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14211"
        },
        {
          "name": "RHSA-2026:14212",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14212"
        },
        {
          "name": "RHSA-2026:14213",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14213"
        },
        {
          "name": "RHSA-2026:14214",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14214"
        },
        {
          "name": "RHSA-2026:14215",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14215"
        },
        {
          "name": "RHSA-2026:14216",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14216"
        },
        {
          "name": "RHSA-2026:19043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:19043"
        },
        {
          "name": "RHSA-2026:19200",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:19200"
        },
        {
          "name": "RHSA-2026:20916",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:20916"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-35091"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453169"
        },
        {
          "name": "RHBZ#2453813",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453813"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-01T11:31:01.742Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-04-01T11:48:13.254Z",
          "value": "Made public."
        }
      ],
      "title": "Corosync: corosync: denial of service and information disclosure via crafted udp packet",
      "workarounds": [
        {
          "lang": "en",
          "value": "Systems using totemudp or totemudpu should migrate to the supported knet transport and enable encryption.\n\nDisabling the Corosync service is a valid workaround if clustering is not required, but for active clusters, enabling encryption via knet is the preferred and recommended approach."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-253: Incorrect Check of Function Return Value"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-35091",
    "datePublished": "2026-04-01T13:18:53.738Z",
    "dateReserved": "2026-04-01T11:35:23.145Z",
    "dateUpdated": "2026-05-29T16:21:39.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-35092 (GCVE-0-2026-35092)

Vulnerability from cvelistv5 – Published: 2026-04-01 13:18 – Updated: 2026-05-29 16:13

Title

Corosync: corosync: denial of service via integer overflow in join message validation

Summary

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

redhat

References

17 references

URL	Tags
https://access.redhat.com/errata/RHSA-2026:13644	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:13657	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:13673	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14205	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14210	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14211	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14212	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14213	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14214	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14215	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:14216	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:19043	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:19200	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:20916	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2026-35092	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2453169
https://bugzilla.redhat.com/show_bug.cgi?id=2453814	issue-trackingx_refsource_REDHAT

Impacted products

19 products

Vendor	Product	Version
Red Hat	Red Hat Enterprise Linux 10	Unaffected: 0:3.1.9-2.el10_1.1 , < * (rpm) cpe:/o:redhat:enterprise_linux:10.1
Red Hat	Red Hat Enterprise Linux 10	Unaffected: 0:3.1.10-1.el10_2.1 , < * (rpm) cpe:/o:redhat:enterprise_linux:10.2
Red Hat	Red Hat Enterprise Linux 10.0 Extended Update Support	Unaffected: 0:3.1.9-1.el10_0.2 , < * (rpm) cpe:/o:redhat:enterprise_linux_eus:10.0
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:2.4.5-7.el7_9.3 , < * (rpm) cpe:/o:redhat:enterprise_linux:7::server
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:3.1.8-1.el8_10.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::highavailability cpe:/a:redhat:enterprise_linux:8::resilientstorage
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:3.1.0-3.el8_4.2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::highavailability cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:3.1.0-3.el8_4.2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::highavailability cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:3.1.5-2.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::highavailability cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::highavailability
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:3.1.5-2.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::highavailability cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::highavailability
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:3.1.5-2.el8_6.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::highavailability cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::highavailability
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:3.1.7-1.el8_8.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::highavailability cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::highavailability
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:3.1.7-1.el8_8.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::highavailability cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::highavailability
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:3.1.9-2.el9_7.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::highavailability cpe:/a:redhat:enterprise_linux:9::resilientstorage
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:3.1.10-1.el9_8.1 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::highavailability cpe:/a:redhat:enterprise_linux:9::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:3.1.5-3.el9_0.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/a:redhat:rhel_e4s:9.0::highavailability cpe:/a:redhat:rhel_e4s:9.0::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:3.1.7-1.el9_2.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/a:redhat:rhel_e4s:9.2::highavailability cpe:/a:redhat:rhel_e4s:9.2::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:3.1.8-1.el9_4.1 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::highavailability cpe:/a:redhat:rhel_eus:9.4::resilientstorage
Red Hat	Red Hat Enterprise Linux 9.6 Extended Update Support	Unaffected: 0:3.1.9-2.el9_6.1 , < * (rpm) cpe:/a:redhat:rhel_eus:9.6::appstream cpe:/a:redhat:rhel_eus:9.6::crb cpe:/a:redhat:rhel_eus:9.6::highavailability cpe:/a:redhat:rhel_eus:9.6::resilientstorage
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4

Date Public

2026-04-01 11:48

Credits

Red Hat would like to thank Sebastián Alba Vives for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-35092",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-01T13:29:07.148266Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-01T13:32:35.483Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.1"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-2.el10_1.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.2"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.10-1.el10_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux_eus:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 10.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-1.el10_0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.5-7.el7_9.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::highavailability",
            "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.8-1.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::highavailability",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.0-3.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::highavailability",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.0-3.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-2.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-2.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-2.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::highavailability",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.7-1.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::highavailability",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.7-1.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::highavailability",
            "cpe:/a:redhat:enterprise_linux:9::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-2.el9_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::highavailability",
            "cpe:/a:redhat:enterprise_linux:9::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.10-1.el9_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/a:redhat:rhel_e4s:9.0::highavailability",
            "cpe:/a:redhat:rhel_e4s:9.0::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.5-3.el9_0.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/a:redhat:rhel_e4s:9.2::highavailability",
            "cpe:/a:redhat:rhel_e4s:9.2::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.7-1.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::highavailability",
            "cpe:/a:redhat:rhel_eus:9.4::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.8-1.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.6::appstream",
            "cpe:/a:redhat:rhel_eus:9.6::crb",
            "cpe:/a:redhat:rhel_eus:9.6::highavailability",
            "cpe:/a:redhat:rhel_eus:9.6::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "corosync",
          "product": "Red Hat Enterprise Linux 9.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.9-2.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Sebasti\u00e1n Alba Vives for reporting this issue."
        }
      ],
      "datePublic": "2026-04-01T11:48:22.309Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Corosync. An integer overflow vulnerability in Corosync\u0027s join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totemudpu mode."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-29T16:13:02.556Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2026:13644",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:13644"
        },
        {
          "name": "RHSA-2026:13657",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:13657"
        },
        {
          "name": "RHSA-2026:13673",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:13673"
        },
        {
          "name": "RHSA-2026:14205",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14205"
        },
        {
          "name": "RHSA-2026:14210",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14210"
        },
        {
          "name": "RHSA-2026:14211",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14211"
        },
        {
          "name": "RHSA-2026:14212",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14212"
        },
        {
          "name": "RHSA-2026:14213",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14213"
        },
        {
          "name": "RHSA-2026:14214",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14214"
        },
        {
          "name": "RHSA-2026:14215",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14215"
        },
        {
          "name": "RHSA-2026:14216",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:14216"
        },
        {
          "name": "RHSA-2026:19043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:19043"
        },
        {
          "name": "RHSA-2026:19200",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:19200"
        },
        {
          "name": "RHSA-2026:20916",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2026:20916"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-35092"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453169"
        },
        {
          "name": "RHBZ#2453814",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453814"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-01T11:32:04.388Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-04-01T11:48:22.309Z",
          "value": "Made public."
        }
      ],
      "title": "Corosync: corosync: denial of service via integer overflow in join message validation",
      "workarounds": [
        {
          "lang": "en",
          "value": "Systems using totemudp or totemudpu should migrate to the supported knet transport and enable encryption."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-35092",
    "datePublished": "2026-04-01T13:18:55.551Z",
    "dateReserved": "2026-04-01T11:35:23.146Z",
    "dateUpdated": "2026-05-29T16:13:02.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1358

CVE-2026-35091 (GCVE-0-2026-35091)

CVE-2026-35092 (GCVE-0-2026-35092)

Tags

Sightings

Nomenclature