CVE-2020-25654
First published: Wed Oct 14 2020(Updated: )
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/pacemaker | <1.1.24 | 1.1.24 |
| redhat/pacemaker | <2.0.5 | 2.0.5 |
| redhat/pacemaker | <0:1.1.23-1.el7_9.1 | 0:1.1.23-1.el7_9.1 |
| redhat/pacemaker | <0:2.0.4-6.el8_3.1 | 0:2.0.4-6.el8_3.1 |
| redhat/pacemaker | <0:2.0.3-5.el8_2.3 | 0:2.0.3-5.el8_2.3 |
| Clusterlabs Pacemaker | <1.1.23 | |
| Clusterlabs Pacemaker | >=2.0.0<2.0.3 | |
| Clusterlabs Pacemaker | =2.0.5-rc1 | |
| Debian Debian Linux | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1888191
- https://lists.clusterlabs.org/pipermail/users/2020-October/027840.html
- https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html
- https://seclists.org/oss-sec/2020/q4/83
- https://security.gentoo.org/glsa/202309-09
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722698&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722698&action=edit
- https://access.redhat.com/security/cve/CVE-2020-25654
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722699&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722699&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722700&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722700&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722701&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1722701&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1891718
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1891719
- https://lists.clusterlabs.org/pipermail/developers/2020-October/002324.html
- https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-2.0.5-rc2
- https://github.com/ClusterLabs/pacemaker/releases/tag/Pacemaker-1.1.24-rc1
- https://access.redhat.com/errata/RHSA-2020:5423
- https://access.redhat.com/errata/RHSA-2020:5453
- https://access.redhat.com/security/cve/cve-2020-25654
- https://access.redhat.com/errata/RHSA-2020:5487
- https://www.cve.org/CVERecord?id=CVE-2020-25654 https://nvd.nist.gov/vuln/detail/CVE-2020-25654 https://lists.clusterlabs.org/pipermail/users/2020-October/027840.html https://seclists.org/oss-sec/2020/q4/83
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the vulnerability ID of this security flaw?
The vulnerability ID is CVE-2020-25654.
What is the severity level of CVE-2020-25654?
The severity level of CVE-2020-25654 is critical with a CVSS score of 7.2.
What is the affected software for CVE-2020-25654?
The affected software for CVE-2020-25654 is Clusterlabs Pacemaker versions up to and including 1.1.23, versions between 2.0.0 and 2.0.3, and version 2.0.5-rc1. It also affects Debian Debian Linux version 9.0.
How can an attacker exploit CVE-2020-25654?
An attacker with a local account on the cluster and in the haclient group can use IPC communication with various daemons to directly perform certain tasks that would be prevented if they had gone through configured ACLs.
What is the fix for CVE-2020-25654?
The fix for CVE-2020-25654 is to upgrade to Clusterlabs Pacemaker version 1.1.24 or later, or version 2.0.5 or later. For Debian Debian Linux, update to version 9.0 or later.
- collector/nvd-api
- collector/redhat-cve
- agent/author
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup
- agent/softwarecombine
- agent/tags
- agent/references
- agent/severity
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2020-25654
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/clusterlabs
- canonical/clusterlabs pacemaker
- version/clusterlabs pacemaker/2.0.0
- version/clusterlabs pacemaker/2.0.5-rc1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- package-manager/redhat