Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1369732 (CVE-2016-7035)
Summary: | CVE-2016-7035 pacemaker: Privilege escalation due to improper guarding of IPC communication | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED ERRATA | QA Contact: | |||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | unspecified | CC: | abeekhof, btotty, cbuissar, cfeist, jpokorny, kgaillot, security-response-team, slong, yozone | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | pacemaker 1.1.16 | Doc Type: | If docs needed, set a value | ||||
Doc Text: |
An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
|
Story Points: | --- | ||||
Clone Of: | Environment: | ||||||
Last Closed: | 2016-11-08 13:49:04 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 1374774, 1374775, 1374776, 1374777, 1391386 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
Adam Mariš
2016-08-24 09:21:25 UTC
Acknowledgments: Name: Jan "poki" Pokorny (Red Hat), Alain Moulle (ATOS/BULL) *** Bug 1369467 has been marked as a duplicate of this bug. *** *** Bug 1379782 has been marked as a duplicate of this bug. *** Created pacemaker tracking bugs for this issue: Affects: fedora-all [bug 1391386] Created attachment 1216896 [details]
Fix, latest version
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:2614 https://rhn.redhat.com/errata/RHSA-2016-2614.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:2675 https://rhn.redhat.com/errata/RHSA-2016-2675.html |