GHSA-94r4-qcg7-69qjHighCVSS 8.6

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow...

Published
June 16, 2026
Last Modified
June 16, 2026

🔗 CVE IDs covered (1)

📋 Description

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial of service (DoS) in the CIB remote listener. This can result in the affected service crashing.

🔗 References (5)