CVE-2022-2735
First published: Tue Aug 09 2022(Updated: )
A security issue was discovered in pcs project. It is caused by incorrect permissions on a unix socket used for internal communication between pcs daemons. A privilege escalation could happen by obtaining authentication token for hacluster user. With the hacluster token, an attacker has complete control over the cluster managed by pcs. The bug was introduced in pcs version 0.10.5 by this bz [1] [1] <a class="bz_bug_link bz_secure " title="" href="show_bug.cgi?id=1783106">https://bugzilla.redhat.com/show_bug.cgi?id=1783106</a>
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/pcs | <=0.10.8-1<=0.11.3-1 | 0.11.3-2 0.10.8-1+deb11u1 |
| ClusterLabs pcs | >=0.10.5<=0.11.3 | |
| Debian Debian Linux | =11.0 | |
| debian/pcs | 0.10.1-2 0.10.1-2+deb10u1 0.10.8-1+deb11u1 0.11.5-1+deb12u1 0.11.6-2 | |
| Debian | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://security-tracker.debian.org/tracker/CVE-2022-2735
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2735
- https://www.openwall.com/lists/oss-security/2022/09/01/4
- https://salsa.debian.org/ha-team/pcs/-/commits/master/pcsd/pcsd-ruby.service.in
- https://salsa.debian.org/ha-team/pcs/-/blob/38330deb0d849d6a1945856b24323043f6a7839b/pcs/daemon/ruby_pcsd.py
- https://security-tracker.debian.org/tracker/CVE-2022-1049
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018930
- https://access.redhat.com/security/cve/CVE-2022-2735
- https://bugzilla.redhat.com/show_bug.cgi?id=2116815
- https://www.debian.org/security/2022/dsa-5226
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1783106
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2123389
- https://access.redhat.com/errata/RHSA-2022:6312
- https://access.redhat.com/errata/RHSA-2022:6313
- https://access.redhat.com/errata/RHSA-2022:6314
- https://access.redhat.com/errata/RHSA-2022:6341
- https://access.redhat.com/security/cve/cve-2022-2735
- https://github.com/ClusterLabs/pcs/commit/de068e2066e377d1cc77edf25aed0198e4c77f7b
Frequently Asked Questions
What is vulnerability CVE-2022-2735?
Vulnerability CVE-2022-2735 is a privilege escalation vulnerability in the PCS project.
How does vulnerability CVE-2022-2735 occur?
Vulnerability CVE-2022-2735 occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons.
What is the severity of vulnerability CVE-2022-2735?
The severity of vulnerability CVE-2022-2735 is high, with a CVSS score of 7.8.
Which software versions are affected by vulnerability CVE-2022-2735?
The following versions of the PCS project are affected: 0.10.1-2, 0.10.1-2+deb10u1, 0.10.8-1+deb11u1, 0.11.5-1, and 0.11.6-1.
How can vulnerability CVE-2022-2735 be fixed?
To fix vulnerability CVE-2022-2735, update the PCS project to version 0.11.3-2 or higher.
- collector/debian-bugs
- alias/CVE-2022-2735
- collector/nvd-index
- collector/security-tracker-debian
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- agent/references
- agent/severity
- agent/remedy
- agent/weakness
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/clusterlabs
- canonical/clusterlabs pcs
- version/clusterlabs pcs/0.10.5
- version/clusterlabs pcs/0.11.3
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/11.0
- canonical/debian
- version/debian/11.0