First published: Mon Dec 10 2018(Updated: )
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/pacemaker | <2.0.2 | 2.0.2 |
ubuntu/pacemaker | <1.1.18-0ubuntu1.1 | 1.1.18-0ubuntu1.1 |
ubuntu/pacemaker | <1.1.18-2ubuntu1.18.10.1 | 1.1.18-2ubuntu1.18.10.1 |
ubuntu/pacemaker | <1.1.18-2ubuntu1.19.04.1 | 1.1.18-2ubuntu1.19.04.1 |
ubuntu/pacemaker | <1.1.14-2ubuntu1.6 | 1.1.14-2ubuntu1.6 |
Clusterlabs Pacemaker | <=2.0.1 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =18.10 | |
Canonical Ubuntu Linux | =19.04 | |
Fedoraproject Fedora | =28 | |
Fedoraproject Fedora | =29 | |
Fedoraproject Fedora | =30 | |
Debian Debian Linux | =9.0 | |
openSUSE Leap | =15.0 | |
openSUSE Leap | =42.3 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Aus | =8.2 | |
Redhat Enterprise Linux Aus | =8.4 | |
Redhat Enterprise Linux Aus | =8.6 | |
Redhat Enterprise Linux Eus | =8.1 | |
Redhat Enterprise Linux Eus | =8.2 | |
Redhat Enterprise Linux Eus | =8.4 | |
Redhat Enterprise Linux Eus | =8.6 | |
Redhat Enterprise Linux Tus | =8.2 | |
Redhat Enterprise Linux Tus | =8.4 | |
Redhat Enterprise Linux Tus | =8.6 | |
<=2.0.1 | ||
=16.04 | ||
=18.04 | ||
=18.10 | ||
=19.04 | ||
=28 | ||
=29 | ||
=30 | ||
=9.0 | ||
=15.0 | ||
=42.3 | ||
=8.0 | ||
=8.2 | ||
=8.4 | ||
=8.6 | ||
=8.1 | ||
=8.2 | ||
=8.4 | ||
=8.6 | ||
=8.2 | ||
=8.4 | ||
=8.6 | ||
debian/pacemaker | 2.0.1-5+deb10u2 2.0.1-5+deb10u1 2.0.5-2 2.1.5-1+deb12u1 2.1.6-4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-16878 is a vulnerability found in pacemaker up to and including version 2.0.1.
The severity of CVE-2018-16878 is medium with a severity value of 5.5.
CVE-2018-16878 can lead to a denial-of-service (DoS) attack due to insufficient verification inflicted preference of uncontrolled processes.
Pacemaker versions up to and including 2.0.1 are affected by CVE-2018-16878.
To fix CVE-2018-16878, update pacemaker to version 2.0.2 or higher.