Debian Corosync vulnerabilities

5 known vulnerabilities affecting debian/corosync.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3LOW1

Vulnerabilities

Page 1 of 1
CVE-2026-35092HIGHCVSS 7.52026
CVE-2026-35092 [HIGH] CVE-2026-35092: corosync - A flaw was found in Corosync. An integer overflow vulnerability in Corosync's jo... A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol (UDP) packets. This can cause the service to crash, leading to a denial of service. This vulnerability specifically affects Corosync deployments configured to use totemudp/totem
debian
CVE-2026-35091HIGHCVSS 8.22026
CVE-2026-35091 [HIGH] CVE-2026-35091: corosync - A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wr... A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents. This vuln
debian
CVE-2025-30472CRITICALCVSS 9.0fixed in corosync 3.1.7-1+deb12u1 (bookworm)2025
CVE-2025-30472 [CRITICAL] CVE-2025-30472: corosync - Corosync through 3.1.9, if encryption is disabled or the attacker knows the encr... Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. Scope: local bookworm: resolved (fixed in 3.1.7-1+deb12u1) bullseye: resolved (fixed in 3.1.2-2+deb11u1) forky: resolved (fixed in 3.1.9-2) sid: resolved (fixed in 3.
debian
CVE-2018-1084HIGHCVSS 7.5fixed in corosync 2.4.4-1 (bookworm)2018
CVE-2018-1084 [HIGH] CVE-2018-1084: corosync - corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totem... corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. Scope: local bookworm: resolved (fixed in 2.4.4-1) bullseye: resolved (fixed in 2.4.4-1) forky: resolved (fixed in 2.4.4-1) sid: resolved (fixed in 2.4.4-1) trixie: resolved (fixed in 2.4.4-1)
debian
CVE-2013-0250LOWCVSS 5.02013
CVE-2013-0250 [MEDIUM] CVE-2013-0250: corosync - The init_nss_hash function in exec/totemcrypto.c in Corosync 2.0 before 2.3 does... The init_nss_hash function in exec/totemcrypto.c in Corosync 2.0 before 2.3 does not properly initialize the HMAC key, which allows remote attackers to cause a denial of service (crash) via a crafted packet. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian