oss-sec mailing list archives

[FYI / CVE assignment notification] CVE-2013-0281 pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Thu, 14 Feb 2013 11:47:47 -0500 (EST)

Hello vendors,

* A denial of service flaw was found in the way Pacemaker,
an advanced, scalable high-availability cluster resource
manager for Linux-HA (Heartbeat) and/or Corosync, performed
authentication and processing of remote connections in certain
circumstances. In general Pacemaker used a blocking socket
(without a timeout) to wait for authentication credentials
to arrive. When Pacemaker was configured to allow remote
Cluster Information Base (CIB) cluster's configuration /
cluster's resources management, a remote attacker could use
this flaw to cause Pacemaker to block indefinitely
(preventing it from serving another requests).

* The CVE identifier of CVE-2013-0281 has been assigned to this issue.

* This issue was found by David Vossel of Red Hat.

* Relevant upstream patch:
[1] https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93

* References:
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0281

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Current thread:

[FYI / CVE assignment notification] CVE-2013-0281 pacemaker: Denial of service when remote CIB management enabled due to use of no-timeout blocking socket to wait for the arrival of the authentication credentials Jan Lieskovsky (Feb 14)