CVE-2018-1084

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-1084
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1084.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1084
Downstream
Related
Published
2018-04-12T17:29:00.297Z
Modified
2025-11-20T10:45:03.191121Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

References

Affected packages

Git / github.com/corosync/corosync

Affected ranges

Type
GIT
Repo
https://github.com/corosync/corosync
Events
Introduced
ebb007a16c6a8d9e6f783ed82b324cb232c64be5
Fixed
b25b029fe186bacf089ab8136da58390945eb35c

Affected versions

v2.*

v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.3.5
v2.3.6
v2.4.0
v2.4.1
v2.4.2
v2.4.3

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 1060.0,
            "function_hash": "168909057183529809605519259490427602883"
        },
        "id": "CVE-2018-1084-2f88745b",
        "signature_type": "Function",
        "source": "https://github.com/corosync/corosync/commit/b25b029fe186bacf089ab8136da58390945eb35c",
        "target": {
            "file": "qdevices/msgio.c",
            "function": "msgio_read"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 246.0,
            "function_hash": "284537285876399155177953511968022271313"
        },
        "id": "CVE-2018-1084-a5136807",
        "signature_type": "Function",
        "source": "https://github.com/corosync/corosync/commit/b25b029fe186bacf089ab8136da58390945eb35c",
        "target": {
            "file": "qdevices/msgio.c",
            "function": "msgio_send"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 668.0,
            "function_hash": "234778371694560099707805119483214683622"
        },
        "id": "CVE-2018-1084-bd6bc490",
        "signature_type": "Function",
        "source": "https://github.com/corosync/corosync/commit/b25b029fe186bacf089ab8136da58390945eb35c",
        "target": {
            "file": "qdevices/msgio.c",
            "function": "msgio_send_blocking"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "153129037848839284632306385603232952518",
                "97087375145542111947122973264401651133",
                "202360194298251204678799085995008068438",
                "212278227865203050023966391457096052916",
                "210233797977397835811048594129242157668",
                "198235021176952061122881816305008466292",
                "19725743314880908593834536149103613332",
                "78358676129980818130312207855533379432",
                "253467361333547277622606621298077629528",
                "124742392185209659166133710360479733852",
                "115571049646959871980902106791243085865",
                "60878125709894515559181936701405642550",
                "58501617043625233469895484121035435907",
                "269199273140576244144661704500535819480",
                "273432946617112483831469820789895844167",
                "38173102092186573622036322647227211602",
                "102822704274298422181624219837278959168",
                "308755466900148013892772778840431152314",
                "5982963916221975782480982541687221014",
                "148578632799890699300276718888735722055",
                "36225371800182019664320722746005326797",
                "250188211001290152083109239307997556907",
                "62221506183875954458742585320129680298",
                "90291499983371681648393804416869530502",
                "267211968934928312025215355231557527615",
                "304356959915516084733036478322193862066",
                "311516338822034247265019859680029506419",
                "168064942849398215583026806385041486776",
                "110636223664051986282678567163445319444",
                "140117492790367846477749918007795051944",
                "225930815013250370806735560599963244278",
                "142826364725572362790054713474092972778",
                "331617199575187499557791261051841969626",
                "321087742716430918931178548283627147842",
                "330260127587155505433766228678296984713",
                "285911173712597865457604978227332101757",
                "228389938878364589129899474566296700055",
                "324241440731206002083263304542025504477",
                "204066910912632282706234302079988046336",
                "95475136156641370329995084497740325117",
                "199807915204957579802637269353629211126",
                "184285742906836643797550452908772860677",
                "161057451477993701871538912221292661408",
                "261670782740747123744120429300651703436",
                "21596660726703493709981860719358138494",
                "273371568899242105850112635921761873659",
                "296558011433989923867686041524569658404",
                "162518720926415248474086992216627814026",
                "243500473691220518005278193176793737467",
                "27623498435807173245454439944070709018",
                "26033609051871270144995370761168818125",
                "51194571991210621451780794821334550942",
                "188509844265510919890264492871645939639",
                "97588537082481450526951883470332459803",
                "210204882523985647973065203940396752850",
                "44818673802248412427415544436834915362",
                "211978473190367579450977710730057516200",
                "175630762951707581181980101348897719719",
                "83166049021892974704993903938398873886",
                "240378798044346741970902783589568455897",
                "152618035852768666156401726654399996494",
                "714989600962536466388901729247764443",
                "57270691823150466924566681826572271251",
                "216367521309296643666684152362057852360",
                "272059255378182374195432642488231269686",
                "14084332094749608467198150527873030261",
                "9856192337955984881701830428324433234"
            ]
        },
        "id": "CVE-2018-1084-dc190780",
        "signature_type": "Line",
        "source": "https://github.com/corosync/corosync/commit/b25b029fe186bacf089ab8136da58390945eb35c",
        "target": {
            "file": "qdevices/msgio.c"
        }
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 515.0,
            "function_hash": "312414240408718228801754512951055053109"
        },
        "id": "CVE-2018-1084-ec658b5c",
        "signature_type": "Function",
        "source": "https://github.com/corosync/corosync/commit/b25b029fe186bacf089ab8136da58390945eb35c",
        "target": {
            "file": "qdevices/msgio.c",
            "function": "msgio_write"
        }
    }
]