Red Hat Security Advisory: pcs security update
A denial of service vulnerability (CVE-2026-31958) exists in the Tornado Python framework used by the pcs packages, which provide command-line configuration for Pacemaker and Corosync utilities in Red Hat Enterprise Linux 8 variants. The issue involves handling large multipart bodies that can cause service disruption. Red Hat has released an update to address this vulnerability in multiple Red Hat Enterprise Linux 8 High Availability and Resilient Storage variants. The severity is rated as moderate by Red Hat Product Security. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
The pcs packages in Red Hat Enterprise Linux 8 provide command-line configuration for Pacemaker and Corosync. A security flaw in the Tornado Python framework (CVE-2026-31958) allows denial of service via processing of large multipart bodies. Red Hat has issued an advisory (RHSA-2026:8093) and released updated pcs packages to fix this issue across various architectures and product variants. The vulnerability is classified as CWE-770 (Allocation of Resources Without Limits or Throttling).
Potential Impact
Successful exploitation of this vulnerability can cause denial of service conditions by overwhelming the Tornado Python framework with large multipart bodies, potentially disrupting the availability of pcs-related services in Red Hat Enterprise Linux 8 High Availability and Resilient Storage environments. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Red Hat has released updated pcs packages that fix this vulnerability. Users should apply the security update as described in the Red Hat advisory RHSA-2026:8093 and the referenced article https://access.redhat.com/articles/11258. Applying these updates will mitigate the denial of service risk. No additional vendor-recommended mitigations are indicated.
Red Hat Security Advisory: pcs security update
Description
A denial of service vulnerability (CVE-2026-31958) exists in the Tornado Python framework used by the pcs packages, which provide command-line configuration for Pacemaker and Corosync utilities in Red Hat Enterprise Linux 8 variants. The issue involves handling large multipart bodies that can cause service disruption. Red Hat has released an update to address this vulnerability in multiple Red Hat Enterprise Linux 8 High Availability and Resilient Storage variants. The severity is rated as moderate by Red Hat Product Security. No known exploits are reported in the wild at this time.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The pcs packages in Red Hat Enterprise Linux 8 provide command-line configuration for Pacemaker and Corosync. A security flaw in the Tornado Python framework (CVE-2026-31958) allows denial of service via processing of large multipart bodies. Red Hat has issued an advisory (RHSA-2026:8093) and released updated pcs packages to fix this issue across various architectures and product variants. The vulnerability is classified as CWE-770 (Allocation of Resources Without Limits or Throttling).
Potential Impact
Successful exploitation of this vulnerability can cause denial of service conditions by overwhelming the Tornado Python framework with large multipart bodies, potentially disrupting the availability of pcs-related services in Red Hat Enterprise Linux 8 High Availability and Resilient Storage environments. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Red Hat has released updated pcs packages that fix this vulnerability. Users should apply the security update as described in the Red Hat advisory RHSA-2026:8093 and the referenced article https://access.redhat.com/articles/11258. Applying these updates will mitigate the denial of service risk. No additional vendor-recommended mitigations are indicated.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:8093
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a160977e29bf47b5064323b
Added to database: 5/26/2026, 8:58:31 PM
Last enriched: 5/26/2026, 11:21:27 PM
Last updated: 5/27/2026, 4:51:54 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.