Threats Tagged 'cve-2026-35091'

Two vulnerabilities have been identified in the corosync packages used by Red Hat Enterprise Linux cluster software. CVE-2026-35091 allows denial of service and information disclosure via a crafted UDP packet. CVE-2026-35092 allows denial of service through an integer overflow in join message validation. These issues have been rated with moderate security impact by Red Hat Product Security. Updates addressing these vulnerabilities are available for Red Hat Enterprise Linux 8 and related variants. The vendor advisory provides detailed instructions for applying the update to remediate these issues.

Two vulnerabilities affecting the corosync packages in Red Hat Enterprise Linux 9 have been identified. CVE-2026-35091 allows denial of service and information disclosure via a crafted UDP packet. CVE-2026-35092 allows denial of service through an integer overflow during join message validation. Red Hat has issued a security advisory with updates addressing these issues. The vulnerabilities are rated as moderate in severity. No known exploits are reported in the wild at this time.

Two vulnerabilities have been identified in the corosync packages used by Red Hat Enterprise Linux cluster software. CVE-2026-35091 allows denial of service and information disclosure via a crafted UDP packet. CVE-2026-35092 allows denial of service through an integer overflow in join message validation. These issues affect multiple Red Hat Enterprise Linux 9 variants and related cluster products. Red Hat has issued a security advisory with updated packages to address these vulnerabilities. The severity is rated as moderate by Red Hat. No known exploits are reported in the wild at this time.

Two security vulnerabilities have been identified in the corosync packages used by Red Hat Enterprise Linux cluster software. The first vulnerability (CVE-2026-35091) allows denial of service and information disclosure via a crafted UDP packet. The second vulnerability (CVE-2026-35092) enables denial of service through an integer overflow in join message validation. These issues affect multiple Red Hat Enterprise Linux 10 variants and related cluster software. Red Hat has issued a security advisory with updated packages to address these vulnerabilities.

Two vulnerabilities have been identified in the corosync packages used by Red Hat Enterprise Linux cluster software. CVE-2026-35091 allows denial of service and information disclosure via a crafted UDP packet. CVE-2026-35092 allows denial of service through an integer overflow in join message validation. These issues affect multiple Red Hat Enterprise Linux 10 variants and related cluster software. Red Hat has issued a security advisory rating the impact as moderate and has released updated packages to address these vulnerabilities.

Two security vulnerabilities have been identified in the corosync packages used by Red Hat Enterprise Linux cluster software. The first vulnerability (CVE-2026-35091) allows denial of service and information disclosure via a crafted UDP packet. The second vulnerability (CVE-2026-35092) allows denial of service through an integer overflow in join message validation. These issues affect multiple Red Hat Enterprise Linux 9. 6 variants and related cluster and builder products. Red Hat has issued a security advisory with updated packages to address these vulnerabilities.

Two vulnerabilities have been identified in the Corosync Cluster Engine packages for Red Hat Enterprise Linux 9. 0 and related cluster software. The first vulnerability (CVE-2026-35091) allows denial of service and information disclosure via a crafted UDP packet. The second vulnerability (CVE-2026-35092) enables denial of service through an integer overflow in join message validation. Red Hat has issued a security advisory (RHSA-2026:14211) and released updated corosync packages to address these issues. The severity of these vulnerabilities is rated as moderate. No known exploits are reported in the wild. The advisory provides detailed instructions and updated packages for remediation.

Two security vulnerabilities have been identified in the Corosync Cluster Engine packages for Red Hat Enterprise Linux 9. 2 and related cluster software. The first vulnerability (CVE-2026-35091) allows denial of service and information disclosure via a crafted UDP packet. The second vulnerability (CVE-2026-35092) enables denial of service through an integer overflow in join message validation. Red Hat has released updated corosync packages addressing these issues. The security impact is rated as moderate by Red Hat Product Security.

Two vulnerabilities have been identified in the corosync packages used in Red Hat Enterprise Linux cluster software. CVE-2026-35091 allows denial of service and information disclosure via a crafted UDP packet. CVE-2026-35092 allows denial of service through an integer overflow in join message validation. These issues affect multiple Red Hat Enterprise Linux 8. 8 variants, including High Availability and AppStream versions. Red Hat has issued a security advisory rating the impact as moderate and has released updated corosync packages to address these vulnerabilities.

Two vulnerabilities affecting the Corosync Cluster Engine in Red Hat Enterprise Linux 9. 4 have been identified. CVE-2026-35091 allows denial of service and information disclosure via a crafted UDP packet. CVE-2026-35092 enables denial of service through an integer overflow in join message validation. These issues have been rated as moderate severity by Red Hat Product Security. Updates addressing these vulnerabilities are available for affected Red Hat Enterprise Linux versions, including Extended Update Support and Update Services for SAP Solutions. No known exploits are reported in the wild at this time.