Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1706306
Summary: | CVE-2018-16877 pacemaker: Insufficient local IPC client-server authentication on the client's side can lead to local privesc [openstack-rdo] | ||
---|---|---|---|
Product: | [Community] RDO | Reporter: | Huzaifa S. Sidhpurwala <huzaifas> |
Component: | distribution | Assignee: | Alfredo Moralejo <amoralej> |
Status: | CLOSED NOTABUG | QA Contact: | Shai Revivo <srevivo> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | dbecker, jjoyce, jschluet, lhh, lpeer, markmc, mburns, sclewis, slinaber, srevivo |
Target Milestone: | --- | Keywords: | Security, SecurityTracking |
Target Release: | trunk | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | component:pacemaker | ||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-07-23 10:38:28 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1652646 |
Description
Huzaifa S. Sidhpurwala
2019-05-04 07:56:32 UTC
RDO uses pacemaker from HA repos in CentOS (rebuilt from RHEL HA) so we get CVE fixed from there. |