Red Hat Security Advisory: pcs security update
A low severity vulnerability (CVE-2024-35176) affects the pcs packages used for command-line configuration of Pacemaker and Corosync utilities in Red Hat Enterprise Linux 8. The issue involves a denial of service (DoS) caused by the REXML parser when processing XML attributes containing many '<' characters. Red Hat has released an update to address this vulnerability in multiple Red Hat Enterprise Linux 8 variants, including High Availability and Resilient Storage editions across various architectures. No known exploits are reported in the wild. The update is available and should be applied to affected systems.
AI Analysis
Technical Summary
The pcs packages for Red Hat Enterprise Linux 8 contain a vulnerability identified as CVE-2024-35176, where the REXML XML parser can be forced into a denial of service state by parsing XML with many '<' characters in an attribute value. This vulnerability is rated as low severity by Red Hat Product Security. The issue affects multiple Red Hat Enterprise Linux 8 High Availability and Resilient Storage products across x86_64, aarch64, s390x, and ppc64le architectures. Red Hat has issued a security advisory RHSA-2024:5338 with updated pcs packages to fix this issue.
Potential Impact
The vulnerability allows an attacker to cause a denial of service condition by exploiting the REXML parser's handling of XML attributes with many '<' characters. This could disrupt the pcs command-line configuration system for Pacemaker and Corosync utilities, potentially impacting cluster management operations. The severity is rated low, and no known exploits exist in the wild.
Mitigation Recommendations
Red Hat has released updated pcs packages that address this vulnerability. Users should apply the security update as described in Red Hat advisory RHSA-2024:5338 and the related article https://access.redhat.com/articles/11258. Applying this update mitigates the vulnerability. No additional mitigation steps are required beyond installing the official fix.
Red Hat Security Advisory: pcs security update
Description
A low severity vulnerability (CVE-2024-35176) affects the pcs packages used for command-line configuration of Pacemaker and Corosync utilities in Red Hat Enterprise Linux 8. The issue involves a denial of service (DoS) caused by the REXML parser when processing XML attributes containing many '<' characters. Red Hat has released an update to address this vulnerability in multiple Red Hat Enterprise Linux 8 variants, including High Availability and Resilient Storage editions across various architectures. No known exploits are reported in the wild. The update is available and should be applied to affected systems.
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The pcs packages for Red Hat Enterprise Linux 8 contain a vulnerability identified as CVE-2024-35176, where the REXML XML parser can be forced into a denial of service state by parsing XML with many '<' characters in an attribute value. This vulnerability is rated as low severity by Red Hat Product Security. The issue affects multiple Red Hat Enterprise Linux 8 High Availability and Resilient Storage products across x86_64, aarch64, s390x, and ppc64le architectures. Red Hat has issued a security advisory RHSA-2024:5338 with updated pcs packages to fix this issue.
Potential Impact
The vulnerability allows an attacker to cause a denial of service condition by exploiting the REXML parser's handling of XML attributes with many '<' characters. This could disrupt the pcs command-line configuration system for Pacemaker and Corosync utilities, potentially impacting cluster management operations. The severity is rated low, and no known exploits exist in the wild.
Mitigation Recommendations
Red Hat has released updated pcs packages that address this vulnerability. Users should apply the security update as described in Red Hat advisory RHSA-2024:5338 and the related article https://access.redhat.com/articles/11258. Applying this update mitigates the vulnerability. No additional mitigation steps are required beyond installing the official fix.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2024:5338
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a3da1f14853345fc1832d2d
Added to database: 06/25/2026, 21:47:29 UTC
Last enriched: 06/25/2026, 22:45:21 UTC
Last updated: 06/26/2026, 01:00:55 UTC
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.