CLSA-2026-1777742234
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777742234.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1777742234
- Upstream
- Published
- 2026-05-02T17:17:19Z
- Modified
- 2026-06-01T00:32:50.071224276Z
- Summary
- corosync: Fix of 2 CVEs
- Details
-
- CVE-2026-35091: fix incorrect return value in checkmembcommittokensanity allowing DoS via crafted membcommittoken packet
- CVE-2026-35092: fix integer overflow in checkmembjoinsanity allowing bypass of length validation via crafted membjoin packet
- References
Affected packages
TuxCare:AlmaLinux:9.6 / corosync
Package
- Name
- corosync
- Purl
- pkg:rpm/tuxcare/corosync?distro=almalinux-9.6
TuxCare:AlmaLinux:9.6 / corosync-vqsim
Package
- Name
- corosync-vqsim
- Purl
- pkg:rpm/tuxcare/corosync-vqsim?distro=almalinux-9.6
TuxCare:AlmaLinux:9.6 / corosynclib
Package
- Name
- corosynclib
- Purl
- pkg:rpm/tuxcare/corosynclib?distro=almalinux-9.6