RHEL-84338

kronosnet can be crashed by malformed packet (if crypto disabled)


    • Bug
    • Resolution: Unresolved
    • Normal
    • kronosnet
    • kronosnet-1.31-1.el10
    • Moderate
    • rhel-ha

      If crypto is disabled in corosync/knet (this is not a supported configuration), then corosync can be crashed by a malformed packet sent from another node in a running cluster.

      Supported installations are immune to this bug. If crypto is enabled then the packet will not decrypt correctly and decompression will not be attempted.

      For a reproducer, see https://github.com/kronosnet/kronosnet/issues/435

       

      This issue is patched upstream as

      https://github.com/kronosnet/kronosnet/pull/437
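
      A quick way to tell whether a node is in the affected, crypto-disabled configuration is to inspect the totem section of its corosync.conf. The script below is an added example, not code from this issue or from the kronosnet/corosync projects; the function names are hypothetical, and it assumes that an absent crypto_cipher or crypto_hash means "none", that an absent transport means knet, and that any non-"none" cipher or hash counts as crypto enabled.

```shell
#!/bin/sh
# Added example. Assumes absent crypto_* keys mean "none" and absent transport means knet.
# Print the value of KEY ($1, default $2) at the top level of totem { } in FILE ($3).
totem_value() {
    awk -v key="$1" -v dflt="$2" '
        { sub(/#.*/, "") }                              # strip comments
        /^[ \t]*totem[ \t]*\{/ { in_totem = 1; depth = 1; next }
        in_totem && /\{/ { depth++ }                    # nested block, e.g. interface { }
        in_totem && /\}/ { if (--depth == 0) in_totem = 0 }
        in_totem && depth == 1 {
            split($0, kv, ":")
            gsub(/[ \t]/, "", kv[1]); gsub(/[ \t]/, "", kv[2])
            if (kv[1] == key) val = tolower(kv[2])
        }
        END { print (val == "" ? dflt : val) }
    ' "$3"
}

# Print "not-knet", "enabled" or "disabled" for the config file given as $1.
knet_crypto_state() {
    [ "$(totem_value transport knet "$1")" = knet ] || { echo not-knet; return; }
    if [ "$(totem_value crypto_cipher none "$1")" = none ] &&
       [ "$(totem_value crypto_hash none "$1")" = none ]; then
        echo disabled   # the unsupported configuration this issue describes
    else
        echo enabled
    fi
}

# Constructed sample configs (not taken from any real cluster).
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/plain.conf" <<'EOF'
totem {
    version: 2
    knet_compression_model: zlib
    interface {
        linknumber: 0
    }
}
EOF
cat > "$SAMPLES/crypto.conf" <<'EOF'
totem {
    version: 2
    crypto_cipher: aes256
    crypto_hash: sha256
}
EOF
for f in "$SAMPLES"/*.conf; do echo "${f##*/}: $(knet_crypto_state "$f")"; done
```

      On a cluster node, call knet_crypto_state /etc/corosync/corosync.conf; a result of "disabled" means the node relies on the upstream patch rather than on crypto to reject the malformed packet.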

              rhn-support-ccaulfie Christine Caulfield